Re: [PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit

Tuesday, 24 May 2005

On Tuesday 24 May 2005 16:11, Klaus Weidner wrote:
...
 On Tue, May 24, 2005 at 09:30:27PM +0100, David Woodhouse wrote:
 > On Tue, 2005-05-24 at 14:18 -0400, Stephen Smalley wrote:
 > > Note that d_name.name is nul-terminated by d_alloc()
 > 
 > I wouldn't claim to be 100% convinced that it's always nul-terminated,
 > but we were relying on that already so OK.

 Good thing we're not trying to get certified at EAL7, this doesn't quite
 meet "formally verified design" requirements ;-) 
Doesn't EAL7 also require that the administrator renounces spirituality and 
any and all other indelible human traits? :)

-tim

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit