Re: [PATCH] execve argument logging
On Friday 21 April 2006 16:19, Valdis.Kletnieks(a)vt.edu wrote:
Does this allow an attacker to DoS the audit log by creating a
fork/exec
loop intentionally invoking a totally duff binary, but that includes a very
long argument?
I personally haven't tried. Try it and let us know if you can DoS the machine.
Maybe a "first 32/64 bytes of each argument" limit is
needed? Or is there
one there and I missed it?
There's no limit other than what the kernel imposes.
-Steve