On Fri, Oct 20, 2017 at 6:16 PM, Casey Schaufler wrote:
> The function audit_log_secctx() is unused and cannot be
> made safe for the stacked/namespaced security module case.
> It, alas, shows up in the KAPI. Can this derelict code be
> removed? I'll provide a patch it it can go.
Removing code ge
Hello,
On Sun, 22 Oct 2017 19:12:34 +0300
Lev Olshvang wrote:
> Hello List,
>
> I work on Ubuntu 16.10 kernel 4.8 with audit v2.7.7, and we wrote
> plugin who get its input from audispd
> This plugin process audit messages, mostly syscalls.
>
> In out test we saw that malloc of auditd tooks