From owner-freebsd-bugs@freebsd.org  Mon Jun 11 16:17:55 2018
Return-Path: <owner-freebsd-bugs@freebsd.org>
Delivered-To: freebsd-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7FB7510162D9
 for <freebsd-bugs@mailman.ysv.freebsd.org>;
 Mon, 11 Jun 2018 16:17:55 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 1742E6D901
 for <freebsd-bugs@freebsd.org>; Mon, 11 Jun 2018 16:17:55 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id C8CC710162D5; Mon, 11 Jun 2018 16:17:54 +0000 (UTC)
Delivered-To: bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id B733C10162D3
 for <bugs@mailman.ysv.freebsd.org>; Mon, 11 Jun 2018 16:17:54 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 56B666D8FC
 for <bugs@FreeBSD.org>; Mon, 11 Jun 2018 16:17:54 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id 8F657B233
 for <bugs@FreeBSD.org>; Mon, 11 Jun 2018 16:17:53 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w5BGHrLY033861
 for <bugs@FreeBSD.org>; Mon, 11 Jun 2018 16:17:53 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w5BGHrDi033860
 for bugs@FreeBSD.org; Mon, 11 Jun 2018 16:17:53 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 152796] fcntl(2) audit records should not be labeled "file
 attribute modify"
Date: Mon, 11 Jun 2018 16:17:53 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 8.1-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: asomers@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: Normal
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: cc
Message-ID: <bug-152796-227-f4iaIH3nJj@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-152796-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-152796-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs/>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jun 2018 16:17:55 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D152796

Alan Somers <asomers@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |aniketp@freebsd.org,
                   |                            |asomers@FreeBSD.org

--- Comment #3 from Alan Somers <asomers@FreeBSD.org> ---
I think fcntl should simply be moved into the "no" class, because none of i=
ts
commands are security-relevant.  It doesn't really affect the file on-disk =
at
all, just the way that the process accesses the file.  It combines the
functionality of dup2 ("no" class) with some of the obscure open(2) options
(open is audited, but those options aren't treated specially), with
sigaction(2) ("no" class), with flock ("fm" class).  It also adds the abili=
ty
to set file readahead (not security relevant).  The only commands that affe=
ct
the file itself are the locking commands.  I would argue that, since they're
advisory and very frequently used, the file locking operations shouldn't be
auditted.

--=20
You are receiving this mail because:
You are the assignee for the bug.=