From 41126226e186d92a45ed664e546abb5204588359 Mon Sep 17 00:00:00 2001 From: Miloslav Trmac Date: Fri, 18 Apr 2008 13:30:14 -0700 Subject: [patch 1/2] audit: let userspace fully control TTY input auditing Remove the code that automatically disables TTY input auditing in processes that open TTYs when they have no other TTY open; this heuristic was intended to automatically handle daemons, but it has false positives (e.g. with sshd) that make it impossible to control TTY input auditing from a PAM module. With this patch, TTY input auditing is controlled from user-space only. On the other hand, not even for daemons does it make sense to audit "input" from PTY masters; this data was produced by a program writing to the PTY slave, and does not represent data entered by the user. Signed-off-by: Miloslav Trmac Cc: Al Viro Cc: David Woodhouse Signed-off-by: Andrew Morton Signed-off-by: Al Viro --- drivers/char/tty_io.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'drivers/char/tty_io.c') diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c index 4d3c7018f0c3..afddccf1bb3d 100644 --- a/drivers/char/tty_io.c +++ b/drivers/char/tty_io.c @@ -2755,7 +2755,6 @@ got_driver: __proc_set_tty(current, tty); spin_unlock_irq(¤t->sighand->siglock); mutex_unlock(&tty_mutex); - tty_audit_opening(); return 0; } @@ -2818,10 +2817,8 @@ static int ptmx_open(struct inode *inode, struct file *filp) check_tty_count(tty, "tty_open"); retval = ptm_driver->open(tty, filp); - if (!retval) { - tty_audit_opening(); + if (!retval) return 0; - } out1: release_dev(filp); return retval; -- cgit v1.2.1