CONFIG_AUDITSYSCALL is awful. Patch 2 enumerates some reasons. Patch 1 fixes a nasty DoS and possible information leak. It should be applied and backported.
Patch 2 is optional. I leave it to other peoples' judgment. Andy Lutomirski (2): auditsc: audit_krule mask accesses need bounds checking audit: Move CONFIG_AUDITSYSCALL into staging and update help text Andy Lutomirski (2): auditsc: audit_krule mask accesses need bounds checking audit: Mark CONFIG_AUDITSYSCALL BROKEN and update help text init/Kconfig | 13 ++++++++----- kernel/auditsc.c | 27 ++++++++++++++++++--------- 2 files changed, 26 insertions(+), 14 deletions(-) -- 1.9.3 -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
