On Tue, 2009-03-31 at 23:44 +0200, Etienne Basset wrote:
Eric Paris wrote:
> On Mon, 2009-03-30 at 20:30 +0200, Etienne Basset wrote:
>>> I pretty strongly detest %s these days. Using it on the
left side of an
>>> = is ok if you are REALLY careful. Using it on the right makes me
>>> cringe. Can smack labels have characters which are not ascii letters
>>> (spaces?)
>>>
>> no, smack basically do the same tests when importing smack label than you do
>> in kernel/audit.c:audit_string_contains_control
>> except smack allows the '"' character
>
> How did you plan to handle a SMACK label with a ' ? Using the audit
> string functions and being given a label with a " is going to give you
> the hex output. (which might someday turn into better encoding, but I'm
> still waiting to see some code to do it better)
>
hum, since smack labels cannot have special characters and are limited to length 24,
maybe we could just do :
subject=FOO object=BAR
but it would imply using a "object=%s subject=%s"
or using audit_log_untrustedstring and live with the fact that Labels with
'"' will be
printed in hex (i dont expect '"' to be frequently used in labels.)
Since it can contain a " you may not use %s. Just go with
audit_log_untrustedstring and hope people don't use a "
> Can I suggest if you write userspace tools to do anything with
these
> audit records that you use libauparse? So if we do make changes, SMACK
> tools keep working (this is the main problem with changing how SELinux
> uses audit, the userspace tools don't use libauparse so we can't make
> changes in just the kernel+library...)
>
i can have a look, but my first need is /var/log/messages being pretty obvious to read
The changes to string encoding and we want to do would actually make
records more human readable, so if that's your concern we are good.
But, if you ever make tools that parse the raw audit.log rather than
using libauparse it possible (likely?) they break someday down the line.
Don't forget these are going to show up in /var/log/audit/audit.log if
you have auditd running. They'll show up in dmesg/syslog if not.
Thanks for trying to share code between LSMs!
-Eric