From: Eric Paris
Date: Thu, 28 Sep 2006 21:46:21 +0000 (-0400)
Subject: [PATCH] arch filter lists with < or > should not be accepted
X-Git-Tag: v2.6.19-rc1~36^2~3
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b8a311bb161a3bd2ab44311f42c526b6dc76270;p=pandora-kernel.git

[PATCH] arch filter lists with < or > should not be accepted

Currently the kernel audit system represents arch's as numbers and will
gladly accept comparisons between archs using >, <, >=, <= when the only
thing that makes sense is = or !=. I'm told that the next revision of
auditctl will do this checking but this will provide enforcement in the
kernel even for old userspace. A simple command to show the issue would be
to run

    auditctl -d entry,always -F arch>i686 -S chmod

with this patch the kernel will reject this with -EINVAL

Please comment/ack/nak as soon as possible.

-Eric

 kernel/auditfilter.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Signed-off-by: Al Viro
---
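
The rule the commit message describes, as an added userspace illustration (not the patch's own code; the diff is not on this page). The constants are values from the kernel's audit and ELF headers as I know them; `naive_match` and `validate_field_op` are hypothetical helper names.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Rule field ids and comparison operators (values as in linux/audit.h). */
#define AUDIT_PERS         10
#define AUDIT_ARCH         11
#define AUDIT_LESS_THAN    0x10000000u
#define AUDIT_GREATER_THAN 0x20000000u
#define AUDIT_NOT_EQUAL    0x30000000u
#define AUDIT_EQUAL        0x40000000u

/* An arch value is an ELF machine number OR'ed with word-size and
 * endianness flag bits, so its numeric order carries no meaning. */
#define AUDIT_ARCH_I386    0x40000003u /* EM_386 | little-endian */
#define AUDIT_ARCH_PPC     0x00000014u /* EM_PPC, 32-bit big-endian */
#define AUDIT_ARCH_X86_64  0xC000003Eu /* EM_X86_64 | 64-bit | little-endian */

/* What a purely numeric comparator does with an arch field. */
int naive_match(uint32_t op, uint32_t seen, uint32_t rule)
{
    switch (op) {
    case AUDIT_EQUAL:        return seen == rule;
    case AUDIT_NOT_EQUAL:    return seen != rule;
    case AUDIT_LESS_THAN:    return seen <  rule;
    case AUDIT_GREATER_THAN: return seen >  rule;
    default:                 return 0;
    }
}

/* Rule-load check: for arch, only = and != are accepted. */
int validate_field_op(uint32_t field, uint32_t op)
{
    if (field == AUDIT_ARCH && op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL)
        return -EINVAL;
    return 0;
}

int main(void)
{
    /* "arch > i386" matches x86_64 but not ppc: an accident of encoding. */
    printf("x86_64 > i386: %d\n",
           naive_match(AUDIT_GREATER_THAN, AUDIT_ARCH_X86_64, AUDIT_ARCH_I386));
    printf("ppc    > i386: %d\n",
           naive_match(AUDIT_GREATER_THAN, AUDIT_ARCH_PPC, AUDIT_ARCH_I386));
    printf("validate(arch, >): %d\n",
           validate_field_op(AUDIT_ARCH, AUDIT_GREATER_THAN));
    printf("validate(arch, =): %d\n",
           validate_field_op(AUDIT_ARCH, AUDIT_EQUAL));
    return 0;
}
```

Validating at rule-load time in the kernel means a rule whose match set depends on flag-bit ordering is refused regardless of which auditctl version submitted it.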