diff options
author | Miloslav Trmac <mitr@redhat.com> | 2008-04-18 13:30:14 -0700 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-04-28 06:28:24 -0400 |
commit | 41126226e186d92a45ed664e546abb5204588359 (patch) | |
tree | cd31de9587e81b01934fe95e574be109dd0129c7 /include/linux/tty.h | |
parent | 7719e437fac119e57b17588bab3a8e39ff9d22eb (diff) | |
download | op-kernel-dev-41126226e186d92a45ed664e546abb5204588359.zip op-kernel-dev-41126226e186d92a45ed664e546abb5204588359.tar.gz |
[patch 1/2] audit: let userspace fully control TTY input auditing
Remove the code that automatically disables TTY input auditing in processes
that open TTYs when they have no other TTY open; this heuristic was
intended to automatically handle daemons, but it has false positives (e.g.
with sshd) that make it impossible to control TTY input auditing from a PAM
module. With this patch, TTY input auditing is controlled from user-space
only.
On the other hand, not even for daemons does it make sense to audit "input"
from PTY masters; this data was produced by a program writing to the PTY
slave, and does not represent data entered by the user.
Signed-off-by: Miloslav Trmac <mitr@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux/tty.h')
-rw-r--r-- | include/linux/tty.h | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/include/linux/tty.h b/include/linux/tty.h index 4306245..265831c 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -300,7 +300,6 @@ extern void tty_hangup(struct tty_struct * tty); extern void tty_vhangup(struct tty_struct * tty); extern void tty_unhangup(struct file *filp); extern int tty_hung_up_p(struct file * filp); -extern int is_tty(struct file *filp); extern void do_SAK(struct tty_struct *tty); extern void __do_SAK(struct tty_struct *tty); extern void disassociate_ctty(int priv); @@ -352,7 +351,6 @@ extern void tty_audit_exit(void); extern void tty_audit_fork(struct signal_struct *sig); extern void tty_audit_push(struct tty_struct *tty); extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid); -extern void tty_audit_opening(void); #else static inline void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size) @@ -370,9 +368,6 @@ static inline void tty_audit_push(struct tty_struct *tty) static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) { } -static inline void tty_audit_opening(void) -{ -} #endif /* tty_ioctl.c */ |