Re: [PATCH V9 3/3] audit: add audit by children of executable path

Friday, 7 August 2015

On Friday, August 07, 2015 02:37:15 AM Richard Guy Briggs wrote:
...
 On 15/08/06, Paul Moore wrote:

 > I guess what I'm saying is that I'm not currently convinced that
 > there is enough value in this to offset the risk I feel the loop
 > presents. I understand the use cases that you are mentioning, the
 > are the same as the last time we discussed this, but I'm going to
 > need something better than that.

 Can you better describe the loop that concerns you?  I don't quite see
 it. 
It would be the only loop in the patch, look at the for loop in 
audit_filter_rules() which iterates up the process' parent chain.

-- 
paul moore
www.paul-moore.com

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [PATCH V9 3/3] audit: add audit by children of executable path