* [PATCH 5/5] Delete some invalid code from auditctl.c
@ 2008-08-06 8:15 Zhang Xiliang
2008-08-06 19:35 ` Steve Grubb
0 siblings, 1 reply; 2+ messages in thread
From: Zhang Xiliang @ 2008-08-06 8:15 UTC (permalink / raw)
To: Steve Grubb, Linux Audit
Hello Steve,
I found some code is invalid in auditctl.
So I suggested to delete it.
Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
---
src/auditctl.c | 10 ++--------
1 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/src/auditctl.c b/src/auditctl.c
index b356faa..93e84a0 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -737,12 +737,7 @@ static int setopt(int count, char *vars[])
switch (rc)
{
case 0:
- if (which == OLD &&
- rule.fields[rule.field_count-1] ==
- AUDIT_PERM)
- audit_permadded = 1;
- else if (which == NEW &&
- rule_new->fields[rule_new->field_count-1] ==
+ if (rule_new->fields[rule_new->field_count-1] ==
AUDIT_PERM)
audit_permadded = 1;
break;
@@ -1385,8 +1380,7 @@ int key_match(struct audit_reply *rep)
}
if (((field >= AUDIT_SUBJ_USER && field <= AUDIT_OBJ_LEV_HIGH)
&& field != AUDIT_PPID) || field == AUDIT_WATCH ||
- field == AUDIT_WATCH || field == AUDIT_DIR ||
- field == AUDIT_FILTERKEY) {
+ field == AUDIT_DIR || field == AUDIT_FILTERKEY) {
boffset += rep->ruledata->values[i];
}
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 5/5] Delete some invalid code from auditctl.c
2008-08-06 8:15 [PATCH 5/5] Delete some invalid code from auditctl.c Zhang Xiliang
@ 2008-08-06 19:35 ` Steve Grubb
0 siblings, 0 replies; 2+ messages in thread
From: Steve Grubb @ 2008-08-06 19:35 UTC (permalink / raw)
To: Zhang Xiliang; +Cc: Linux Audit
On Wednesday 06 August 2008 04:15:17 Zhang Xiliang wrote:
> I found some code is invalid in auditctl.
> So I suggested to delete it.
OK, I guess this needs cleanup after changing PERM to require new rule format.
> diff --git a/src/auditctl.c b/src/auditctl.c
> index b356faa..93e84a0 100644
> --- a/src/auditctl.c
> +++ b/src/auditctl.c
> @@ -737,12 +737,7 @@ static int setopt(int count, char *vars[])
> switch (rc)
> {
> case 0:
> - if (which == OLD &&
> - rule.fields[rule.field_count-1] ==
> - AUDIT_PERM)
> - audit_permadded = 1;
> - else if (which == NEW &&
> -
> rule_new->fields[rule_new->field_count-1] ==
> + if
> (rule_new->fields[rule_new->field_count-1] == AUDIT_PERM)
> audit_permadded = 1;
> break;
I think I want to "and" this with which == NEW to make sure we don't index
past something if the rules were still the old form.
Updated and applied. Thanks for the patch !
-Steve
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-08-06 19:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-08-06 8:15 [PATCH 5/5] Delete some invalid code from auditctl.c Zhang Xiliang
2008-08-06 19:35 ` Steve Grubb
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox