Date: Mon, 11 Jun 2018 16:17:53 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 152796] fcntl(2) audit records should not be labeled "file attribute modify"
Message-ID: <bug-152796-227-f4iaIH3nJj@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-152796-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-152796-227@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=152796

Alan Somers <asomers@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aniketp@freebsd.org,
                   |                            |asomers@FreeBSD.org

--- Comment #3 from Alan Somers <asomers@FreeBSD.org> ---
I think fcntl should simply be moved into the "no" class, because none of its
commands are security-relevant. It doesn't really affect the file on-disk at
all, just the way that the process accesses the file. It combines the
functionality of dup2 ("no" class) with some of the obscure open(2) options
(open is audited, but those options aren't treated specially), with
sigaction(2) ("no" class), with flock ("fm" class). It also adds the ability
to set file readahead (not security relevant). The only commands that affect
the file itself are the locking commands. I would argue that, since they're
advisory and very frequently used, the file locking operations shouldn't be
audited.

-- 
You are receiving this mail because:
You are the assignee for the bug.
