kernel/audit.h · 4e8a2372f9255a1464ef488ed925455f53fbdaa1 · Arch Linux / Packaging / Upstream / linux-rt-lts

16 years ago

fixing audit rule ordering mess, part 1 · 0590b933

Al Viro authored 16 years ago


Problem: ordering between the rules on exit chain is currently lost;
all watch and inode rules are listed after everything else _and_
exit,never on one kind doesn't stop exit,always on another from
being matched.

Solution: assign priorities to rules, keep track of the current
highest-priority matching rule and its result (always/never).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

0590b933

History

fixing audit rule ordering mess, part 1

Al Viro authored 16 years ago


Problem: ordering between the rules on exit chain is currently lost;
all watch and inode rules are listed after everything else _and_
exit,never on one kind doesn't stop exit,always on another from
being matched.

Solution: assign priorities to rules, keep track of the current
highest-priority matching rule and its result (always/never).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Code owners

Assign users and groups as approvers for specific file changes. Learn more.

Admin message