CONFIG_AUDITSYSCALL is awful. Patch 2 enumerates some reasons. Patch 1 fixes a nasty DoS and possible information leak. It should be applied and backported.
Patch 2 is optional. I leave it to other peoples' judgment. Andy Lutomirski (2): auditsc: audit_krule mask accesses need bounds checking audit: Move CONFIG_AUDITSYSCALL into staging and update help text Andy Lutomirski (2): auditsc: audit_krule mask accesses need bounds checking audit: Mark CONFIG_AUDITSYSCALL BROKEN and update help text init/Kconfig | 13 ++++++++----- kernel/auditsc.c | 27 ++++++++++++++++++--------- 2 files changed, 26 insertions(+), 14 deletions(-) -- 1.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
