11 May, 2007
2 commits
-
When auditing syscalls that send signals, log the pid and security
context for each target process. Optimize the data collection by
adding a counter for signal-related rules, and avoiding allocating an
aux struct unless we have more than one target process. For process
groups, collect pid/context data in blocks of 16. Move the
audit_signal_info() hook up in check_kill_permission() so we audit
attempts where permission is denied.Signed-off-by: Amy Griffis
Signed-off-by: Al Viro -
Add a syscall class for sending signals.
Signed-off-by: Amy Griffis
Signed-off-by: Al Viro
12 Sep, 2006
3 commits
-
add support for AUDIT_PERM predicate
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro