From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steve Grubb Subject: Re: Regarding bug 435682 Date: Fri, 21 Oct 2011 08:58:24 -0400 Message-ID: <201110210858.24462.sgrubb@redhat.com> References: <6962cb6b-c2c2-406c-87c5-e7ed306dd840@zmail07.collab.prod.int.phx2.redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <6962cb6b-c2c2-406c-87c5-e7ed306dd840@zmail07.collab.prod.int.phx2.redhat.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: linux-audit@redhat.com Cc: Miloslav Trmac , Alexander List-Id: linux-audit@redhat.com On Friday, October 21, 2011 08:49:30 AM Miloslav Trmac wrote: > > Here's a patch for version 2.1.3 which solves bug 435682 ( > > https://bugzilla.redhat.com/show_bug.cgi?id=435682 ). > > Patched auditctl allows to specify files having spaces in ther names > > - just surround a filename with apostrophes. > > This patch also arbitrarily breaks handling of apostrophes and \xFF > characters in filenames; it probably is a marginal improvement, but any > change to the format should IMHO start with an explicit and consistent > specification of how quoting is supposed to work in audit.rules, and then > implementing exactly that. > > If we do have to change the file format to support spaces, let's do it, but > let's also make sure that we don't need to change it again soon to fix > different artifacts of the parser implementation. Mirek I was thinking of using the same mechanism as shell escaping '\' since this is how bash would present the path to the user. -Steve