[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] collect security labels on user processes generating audit messages



On Wed, 2006-02-15 at 11:37 -0500, Stephen Smalley wrote:
> On Wed, 2006-02-15 at 11:22 -0500, Steve Grubb wrote:
> > This should be a separate thread since the topic is different.
> > 
> > On Wednesday 15 February 2006 11:14, Linda Knippers wrote:
> > > Amy submitted a patch a while back to eliminate the "name=" field
> > > to avoid "name=(null)" from the audit records if there was no name
> > > but I don't think the patch went anywhere.
> > 
> > Right. I want all audit fields to have name=value. If we have %s in the 
> > message and pass NULL to it, snprintf is already going to put "(null)" so 
> > what's wrong with just using this precedent?
> 
> In that case, Tim doesn't need a special check for !ctx in his code at
> all.

FYI, if I just pass NULL to audit_log_format(), then <NULL> is printed
to the log, not (null).  I just tried this.

-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]