[PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit

Timothy R. Chavez tinytim at us.ibm.com
Tue May 24 21:27:25 UTC 2005


On Tuesday 24 May 2005 16:11, Klaus Weidner wrote:
> On Tue, May 24, 2005 at 09:30:27PM +0100, David Woodhouse wrote:
> > On Tue, 2005-05-24 at 14:18 -0400, Stephen Smalley wrote:
> > > Note that d_name.name is nul-terminated by d_alloc()
> > 
> > I wouldn't claim to be 100% convinced that it's always nul-terminated,
> > but we were relying on that already so OK.
> 
> Good thing we're not trying to get certified at EAL7, this doesn't quite
> meet "formally verified design" requirements ;-)

Doesn't EAL7 also require that the administrator renounces spirituality and 
any and all other indelible human traits? :)

-tim




More information about the Linux-audit mailing list