diff options
author | Al Viro <viro@ZenIV.linux.org.uk> | 2008-12-09 09:23:33 +0000 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-12-09 20:32:06 +1100 |
commit | 1e641743f055f075ed9a4edd75f1fb1e05669ddc (patch) | |
tree | 8016113a4965a344415e8bd6366f07c23eee7d5f /include | |
parent | 94d6a5f7341ebaff53d4e41cc81fab37f0d9fbed (diff) | |
download | op-kernel-dev-1e641743f055f075ed9a4edd75f1fb1e05669ddc.zip op-kernel-dev-1e641743f055f075ed9a4edd75f1fb1e05669ddc.tar.gz |
Audit: Log TIOCSTI
AUDIT_TTY records currently log all data read by processes marked for
TTY input auditing, even if the data was "pushed back" using the TIOCSTI
ioctl, not typed by the user.
This patch records all TIOCSTI calls to disambiguate the input. It
generates one audit message per character pushed back; considering
TIOCSTI is used very rarely, this simple solution is probably good
enough. (The only program I could find that uses TIOCSTI is mailx/nail
in "header editing" mode, e.g. using the ~h escape. mailx is used very
rarely, and the escapes are used even rarer.)
Signed-Off-By: Miloslav Trmac <mitr@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/tty.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/tty.h b/include/linux/tty.h index 3b8121d..580700f 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -442,6 +442,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size); extern void tty_audit_exit(void); extern void tty_audit_fork(struct signal_struct *sig); +extern void tty_audit_tiocsti(struct tty_struct *tty, char ch); extern void tty_audit_push(struct tty_struct *tty); extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid); @@ -450,6 +451,9 @@ static inline void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size) { } +static inline void tty_audit_tiocsti(struct tty_struct *tty, char ch) +{ +} static inline void tty_audit_exit(void) { } |