Date: Thu, 2 Feb 2006 19:06:22 +0000 (GMT) From: Robret Watson <rwatson@FreeBSD.org> To: Julian Elischer <julian@elischer.org> Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_exit.c kern_fork.c Message-ID: <20060202190352.I38507@fledge.watson.org> In-Reply-To: <43E25416.6020508@elischer.org> References: <200602020132.k121WwT3024973@repoman.freebsd.org> <43E25416.6020508@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Feb 2006, Julian Elischer wrote: > Robert Watson wrote: > >> rwatson 2006-02-02 01:32:58 UTC >> >> FreeBSD src repository >> >> Modified files: >> sys/kern kern_exit.c kern_fork.c Log: >> Hook up audit to fork() and exit() events. These changes manage the >> audit state on processes, not auditing of these events. >> Much work by: wsalamon >> Obtained from: TrustedBSD Project >> Revision Changes Path >> 1.277 +5 -0 src/sys/kern/kern_exit.c >> 1.254 +11 -1 src/sys/kern/kern_fork.c >> > shouldn't these be implemented by supplying event handlers for exit and fork > instead of adding code to exit and fork themselves? This is made tricky by the complex nature of fork() and the need to do things in specific orders during fork. However, it should be possible to move the MAC and AUDIT allocation and free code into the proc ctor and proc dtor, and think about adding new event handlers for those two events. Robert N M Watson
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060202190352.I38507>