Stephen Smalley wrote:
On 09/06/2013 03:50 PM, Joshua Brindle wrote:
Add libaudit support for adding directory watch rules.
Add rule parsing support to auditd.
Rule format matches auditctl. Currently only supports -w and -e.
Change-Id: I8bdaea1b5e2a216eec79cd8c9dae583de8295d26
Signed-off-by: Joshua Brindle<[email protected]>
diff --git a/auditd/audit_log.c b/auditd/audit_log.c
index ef77a3f..fc50caf 100644
--- a/auditd/audit_log.c
+++ b/auditd/audit_log.c
@@ -44,7 +44,7 @@
/* Mode for fopen */
#define AUDIT_LOG_FMODE "w+"
/* mode for fchmod*/
-#define AUDIT_LOG_MODE (S_IRUSR | S_IWUSR | S_IRGRP)
+#define AUDIT_LOG_MODE (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)
/* flags for fcntl */
#define AUDIT_LOG_FLAGS (O_RDWR | O_CREAT | O_SYNC)
Don't think you meant to include this.
Fair enough. I'm thinking about having auditd broadcast audit entries so
that interested apps can collect them, but I'm not sure how amenable the
community is to that.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
