audit 1.2.7 released

Steve Grubb sgrubb at redhat.com
Wed Sep 20 19:19:47 UTC 2006


On Wednesday 20 September 2006 15:12, Stephen Smalley wrote:
> SELinux userland code isn't supposed to assume any fixed max.
> libselinux does use an initial buffer size as a starting point when
> calling e.g. getxattr, but will resize the buffer to a larger size if
> necessary.

I try very hard to not have any memory allocations in the audit system to 
prevent and possible failure due to fragmentation or leaks. I need to cap the 
buffer size at something to meet this design goal.

-Steve




More information about the Linux-audit mailing list