I'm considering developing a policy/module for TrustedBSD loosely based
on the systrace concept - A process loads a policy and then executes
another program in a sandbox with fine grained control over what that
program can do.
I'm aiming for a much simpler implementation, however. No interaction.
Patch for the issue:
--- auditreduce.c.orig Mon Oct 22 21:32:07 2007
+++ auditreduce.c Mon Oct 22 21:30:13 2007
@@ -719,7 +719,6 @@
if (n == NULL)
usage(Incorrect event name);
p_evtype =
FreeBSD 6.2-RELEASE-p8 #2, i386
sudo auditreduce -m AUE_REBOOT /dev/auditpipe | praudit
auditreduce in free(): error: junk pointer, too high to make sense
Abort trap (core dumped)
sudo auditreduce -m AUE_CONNECT /dev/auditpipe | praudit
auditreduce in free(): error: junk pointer, too high to
Sorry about that, see the corrected subject - the
segmentation fault was not in praudit but in auditreduce.
__
dc
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to
If I repeatedly do:
# praudit /dev/auditpipe
^C
I end up with rather a lot of /dev/auditpipe*
crw--- 1 root wheel0, 137 21 Oct 17:51 /dev/auditpipe0
crw--- 1 root wheel0, 138 21 Oct 17:51 /dev/auditpipe1
crw--- 1 root wheel0, 141 21 Oct 17:51 /dev/auditpipe2
Well,
The problem that I thought was there, wasn't actually there,
which is why I said to ignore the patch :)
I've tried to reproduce the problems you are seeing but
I have not been able to.
So far I've tried on -CURRENT and RELENG_6. We are aware
of some issues on RELENG_6_2
Please try the attached patch:
cp audit.diff /usr/src/sys
patch audit.diff
Recompile your kernel.
If please report success/failure to me.
I completely missed the replies to this thread. At least
I now know it's due to an actual problem rather than my
inability to follow
After reading this article:
http://www.regdeveloper.co.uk/2006/11/13/freebsd_security_event_auditing/
I decided to try audit. I edited /etc/security/audit_control
as the article (and the handbook example) shows:
dir:/var/audit
flags:lo,+ex
minfree:20
naflags:lo
policy:cnt
filesz:0
But having
8 matches
Mail list logo