| Message ID | 20180524201105.3179904-2-stefanb@linux.vnet.ibm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, May 24, 2018 at 4:10 PM, Stefan Berger <stefanb@linux.vnet.ibm.com> wrote: > The parameters passed to this logging function are all provided by > a privileged user and therefore we can call audit_log_string() > rather than audit_log_untrustedstring(). > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > Suggested-by: Steve Grubb <sgrubb@redhat.com> > --- > security/integrity/ima/ima_policy.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Acked-by: Paul Moore <paul@paul-moore.com> > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index d89bebf85421..a823f11a3e6b 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -615,7 +615,7 @@ static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value, > audit_log_format(ab, "%s<", key); > else > audit_log_format(ab, "%s=", key); > - audit_log_untrustedstring(ab, value); > + audit_log_string(ab, value); > audit_log_format(ab, " "); > } > static void ima_log_string(struct audit_buffer *ab, char *key, char *value) > -- > 2.13.6 > > -- > Linux-audit mailing list > Linux-audit@redhat.com > https://www.redhat.com/mailman/listinfo/linux-audit
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index d89bebf85421..a823f11a3e6b 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -615,7 +615,7 @@ static void ima_log_string_op(struct audit_buffer *ab, char *key, char *value, audit_log_format(ab, "%s<", key); else audit_log_format(ab, "%s=", key); - audit_log_untrustedstring(ab, value); + audit_log_string(ab, value); audit_log_format(ab, " "); } static void ima_log_string(struct audit_buffer *ab, char *key, char *value)
The parameters passed to this logging function are all provided by a privileged user and therefore we can call audit_log_string() rather than audit_log_untrustedstring(). Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Suggested-by: Steve Grubb <sgrubb@redhat.com> --- security/integrity/ima/ima_policy.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)