Re: Getting the program name in audit messages
On Thu, 2005-03-31 at 16:30 -0500, Steve Grubb wrote:
Hello,
This topic has already been discussed on the SE Linux mail list. Because the
attached patch affects the audit code, I want to put it out here for
discussion as well. I started with a patch to put the program name into avc
messages and Stephen Smalley changed the patch to put the processing in
audit_log_exit.
BTW, I think we need to run the comm through audit_log_untrustedstring
or similar, and likewise for the path generated for the exe. Right?
--
Stephen Smalley <sds(a)tycho.nsa.gov>
National Security Agency