Re: audit 1.0.4 released
On Friday 23 September 2005 12:39, Marcus Meissner wrote:
You forgot to mention that a user program can actually crash auditd
with
it.
It can't crash auditd. I didn't forget to mention it. To my knowledge,
anything related to this isn't publicly known. :)
Or was it the pam module?
It was a combination of programs that are only available under un-updated FC4.
As of audit 0.9.3 and later, the buffers were big enough that pam couldn't
cause problems anymore. The fix I added is just to ensure that if any 3rd
party apps are created that use audit_send_user_message, that they are
protected.
-Steve