diff options
author | wsalamon <wsalamon@FreeBSD.org> | 2006-09-01 11:45:40 +0000 |
---|---|---|
committer | wsalamon <wsalamon@FreeBSD.org> | 2006-09-01 11:45:40 +0000 |
commit | c62317c442340f5e4627b6020679dc03d49a3918 (patch) | |
tree | 17f9a899743e9577c2e64080d7c7f0a957fbe0f4 /sys/security/audit/audit.c | |
parent | e279989d710de9f19f0e36445d579caea48bf429 (diff) | |
download | FreeBSD-src-c62317c442340f5e4627b6020679dc03d49a3918.zip FreeBSD-src-c62317c442340f5e4627b6020679dc03d49a3918.tar.gz |
Audit the argv and env vectors passed in on exec:
Add the argument auditing functions for argv and env.
Add kernel-specific versions of the tokenizer functions for the
arg and env represented as a char array.
Implement the AUDIT_ARGV and AUDIT_ARGE audit policy commands to
enable/disable argv/env auditing.
Call the argument auditing from the exec system calls.
Obtained from: TrustedBSD Project
Approved by: rwatson (mentor)
Diffstat (limited to 'sys/security/audit/audit.c')
-rw-r--r-- | sys/security/audit/audit.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/security/audit/audit.c b/sys/security/audit/audit.c index 07cf3278..be0d481 100644 --- a/sys/security/audit/audit.c +++ b/sys/security/audit/audit.c @@ -92,6 +92,8 @@ int audit_suspended; */ int audit_panic_on_write_fail; int audit_fail_stop; +int audit_argv; +int audit_arge; /* * Are we currently "failing stop" due to out of disk space? @@ -204,6 +206,10 @@ audit_record_dtor(void *mem, int size, void *arg) free(ar->k_ar.ar_arg_text, M_AUDITTEXT); if (ar->k_udata != NULL) free(ar->k_udata, M_AUDITDATA); + if (ar->k_ar.ar_arg_argv != NULL) + free(ar->k_ar.ar_arg_argv, M_AUDITTEXT); + if (ar->k_ar.ar_arg_envv != NULL) + free(ar->k_ar.ar_arg_envv, M_AUDITTEXT); } /* @@ -221,6 +227,8 @@ audit_init(void) audit_panic_on_write_fail = 0; audit_fail_stop = 0; audit_in_failure = 0; + audit_argv = 0; + audit_arge = 0; audit_fstat.af_filesz = 0; /* '0' means unset, unbounded */ audit_fstat.af_currsz = 0; |