Re: [PATCH] Fix acct quoting in audit_log_acct_message())

On Tue, 2008-03-04 at 13:29 -0500, John Dennis wrote: You also need to start looking at where messages come from before we decide we can change them any way we want. Any message generated by the audit system should be encoded according to the audit system standards. Any message generated by a CONSUMER of the audit system is wholely responsible for their own encoding decisions (although we obviously should encourage them to follow standard practice.) The audit system has no 'right' to change those messages just to make a userspace library easier. I realize you don't want to ever look at the TYPE= part of the message to make decisions, but that's just too bad. Lets standardize syscall messages. Lets standardize audit config messages. Lets standardize every message the audit system itself generates. If the package owners so choose lets standardize each userspace audit message. But avc messages are wholely the responsibility of the selinux community and I don't want to see any patches which makes them fail to be backwards compatible. Like it or not I will not accept any kernel patch which causes a new kernel to break SELinux usability with FC2 userspace. read that again. -Eric