Date:      Mon, 11 Jun 2018 16:17:53 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 152796] fcntl(2) audit records should not be labeled "file attribute modify"
Message-ID:  <bug-152796-227-f4iaIH3nJj@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-152796-227@https.bugs.freebsd.org/bugzilla/>
References:  <bug-152796-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=152796

Alan Somers <asomers@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aniketp@freebsd.org,
                   |                            |asomers@FreeBSD.org

--- Comment #3 from Alan Somers <asomers@FreeBSD.org> ---
I think fcntl should simply be moved into the "no" class, because none of its
commands are security-relevant.  It doesn't really affect the file on-disk at
all, just the way that the process accesses the file.  It combines the
functionality of dup2 ("no" class) with some of the obscure open(2) options
(open is audited, but those options aren't treated specially), with
sigaction(2) ("no" class), with flock ("fm" class).  It also adds the ability
to set file readahead (not security relevant).  The only commands that affect
the file itself are the locking commands.  I would argue that, since they're
advisory and very frequently used, the file locking operations shouldn't be
audited.

-- 
You are receiving this mail because:
You are the assignee for the bug.
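The argument in this comment turns on how the audit subsystem selects events by class. As an added example, not taken from the bug report or from FreeBSD's own code, the following Python models the audit_event(5) class lookup and the audit_control(5) `flags` selection, so the effect of moving AUE_FCNTL from the "fm" class to the "no" class can be checked; the event table and its numbers are constructed samples, not the real /etc/security/audit_event.

```python
# Added example, not from the bug report: a model of how FreeBSD's audit
# subsystem selects events by class, so the effect of moving fcntl(2) from
# the "fm" class to the "no" class can be checked. Event numbers are
# constructed placeholders, not the real values in /etc/security/audit_event.

# Constructed sample in audit_event(5) format: number:name:description:classes
SAMPLE_AUDIT_EVENT = """\
# constructed sample, not the system file
1001:AUE_FCNTL:fcntl(2):fm
1002:AUE_FLOCK:flock(2):fm
1003:AUE_DUP2:dup2(2):no
1004:AUE_OPEN_RWC:open(2) - read,write,creat:fc,fw,fr
"""

def parse_audit_event(text):
    """Map event name -> (number, description, set of classes), skipping comments."""
    events = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        num, name, desc, cls = line.split(":", 3)
        events[name] = (int(num), desc, frozenset(c.strip() for c in cls.split(",")))
    return events

def selected(classes, flags, success=True):
    """True if an audit_control(5) 'flags' list would record an event in 'classes'.
    Prefixes: '+' success only, '-' failure only, '^' removes the class again.
    The 'no' class has an empty mask, so it is never selected, even by 'all'."""
    if classes == {"no"}:
        return False
    chosen = False
    for spec in flags.split(","):
        spec = spec.strip()
        negate = spec.startswith("^")
        spec = spec.lstrip("^")
        applies = True
        if spec.startswith("+"):
            applies, spec = success, spec[1:]
        elif spec.startswith("-"):
            applies, spec = not success, spec[1:]
        if applies and (spec == "all" or spec in classes):
            chosen = not negate
    return chosen

def reclassify(events, name, new_classes):
    """Return a copy of the event table with one event moved to new classes."""
    num, desc, _ = events[name]
    return {**events, name: (num, desc, frozenset(new_classes))}
```

With the sample table, `selected(events["AUE_FCNTL"][2], "lo,fm")` is true, and after `reclassify(events, "AUE_FCNTL", {"no"})` it is false for any flags list, including `all`.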