In execve(), audit the path name being executed. In the future, it

would also be good to audit the interpreter pathname, if any. Obtained from: TrustedBSD Project
author: rwatson <rwatson@FreeBSD.org> 2006-05-28 08:28:47 +0000
committer: rwatson <rwatson@FreeBSD.org> 2006-05-28 08:28:47 +0000
commit: 81673aab339b656569a63787e8506cd835f7252d (patch)
tree: 3b1830d004e58076cfb014fae8fce5af737b3934 /sys/kern/kern_exec.c
parent: ac5d85085eb51d87b2df07379a0b6496fb4ea283 (diff)
download: FreeBSD-src-81673aab339b656569a63787e8506cd835f7252d.zip
FreeBSD-src-81673aab339b656569a63787e8506cd835f7252d.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index d4aab82..cb61b86 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -353,8 +353,8 @@ do_execve(td, args, mac_p)
 	 *	in ni_vp amoung other things.
 	 */
 	ndp = &nd;
-	NDINIT(ndp, LOOKUP, ISOPEN | LOCKLEAF | FOLLOW | SAVENAME | MPSAFE,
-	    UIO_SYSSPACE, args->fname, td);
+	NDINIT(ndp, LOOKUP, ISOPEN | LOCKLEAF | FOLLOW | SAVENAME | MPSAFE |
+	    AUDITVNODE1, UIO_SYSSPACE, args->fname, td);
 
 interpret:
 	error = namei(ndp);
author	rwatson <rwatson@FreeBSD.org>	2006-05-28 08:28:47 +0000
committer	rwatson <rwatson@FreeBSD.org>	2006-05-28 08:28:47 +0000
commit	81673aab339b656569a63787e8506cd835f7252d (patch)
tree	3b1830d004e58076cfb014fae8fce5af737b3934 /sys/kern/kern_exec.c
parent	ac5d85085eb51d87b2df07379a0b6496fb4ea283 (diff)
download	FreeBSD-src-81673aab339b656569a63787e8506cd835f7252d.zip FreeBSD-src-81673aab339b656569a63787e8506cd835f7252d.tar.gz