aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorMiloslav Trmac <mitr@redhat.com>2008-04-18 16:30:14 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2008-04-28 06:28:24 -0400
commit41126226e186d92a45ed664e546abb5204588359 (patch)
treecd31de9587e81b01934fe95e574be109dd0129c7 /include/linux
parent7719e437fac119e57b17588bab3a8e39ff9d22eb (diff)
[patch 1/2] audit: let userspace fully control TTY input auditing
Remove the code that automatically disables TTY input auditing in processes that open TTYs when they have no other TTY open; this heuristic was intended to automatically handle daemons, but it has false positives (e.g. with sshd) that make it impossible to control TTY input auditing from a PAM module. With this patch, TTY input auditing is controlled from user-space only. On the other hand, not even for daemons does it make sense to audit "input" from PTY masters; this data was produced by a program writing to the PTY slave, and does not represent data entered by the user. Signed-off-by: Miloslav Trmac <mitr@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/tty.h5
1 files changed, 0 insertions, 5 deletions
diff --git a/include/linux/tty.h b/include/linux/tty.h
index 430624504ca0..265831ccaa88 100644
--- a/include/linux/tty.h
+++ b/include/linux/tty.h
@@ -300,7 +300,6 @@ extern void tty_hangup(struct tty_struct * tty);
300extern void tty_vhangup(struct tty_struct * tty); 300extern void tty_vhangup(struct tty_struct * tty);
301extern void tty_unhangup(struct file *filp); 301extern void tty_unhangup(struct file *filp);
302extern int tty_hung_up_p(struct file * filp); 302extern int tty_hung_up_p(struct file * filp);
303extern int is_tty(struct file *filp);
304extern void do_SAK(struct tty_struct *tty); 303extern void do_SAK(struct tty_struct *tty);
305extern void __do_SAK(struct tty_struct *tty); 304extern void __do_SAK(struct tty_struct *tty);
306extern void disassociate_ctty(int priv); 305extern void disassociate_ctty(int priv);
@@ -352,7 +351,6 @@ extern void tty_audit_exit(void);
352extern void tty_audit_fork(struct signal_struct *sig); 351extern void tty_audit_fork(struct signal_struct *sig);
353extern void tty_audit_push(struct tty_struct *tty); 352extern void tty_audit_push(struct tty_struct *tty);
354extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid); 353extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid);
355extern void tty_audit_opening(void);
356#else 354#else
357static inline void tty_audit_add_data(struct tty_struct *tty, 355static inline void tty_audit_add_data(struct tty_struct *tty,
358 unsigned char *data, size_t size) 356 unsigned char *data, size_t size)
@@ -370,9 +368,6 @@ static inline void tty_audit_push(struct tty_struct *tty)
370static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) 368static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid)
371{ 369{
372} 370}
373static inline void tty_audit_opening(void)
374{
375}
376#endif 371#endif
377 372
378/* tty_ioctl.c */ 373/* tty_ioctl.c */