GNU bug report logs - #54309
[PATCH] services: auditd: use exclusive log directory for auditd


Package: guix-patches

Reported by: fesoj000 <fesoj000 <at> gmail.com>

Date: Wed, 9 Mar 2022 19:22:02 UTC

Severity: normal

Tags: patch


From: fesoj000 <fesoj000 <at> gmail.com>
To: Maxime Devos <maximedevos <at> telenet.be>, 54309 <at> debbugs.gnu.org
Subject: [bug#54309] [PATCH] services: auditd: use exclusive log directory for auditd
Date: Sun, 20 Mar 2022 21:22:11 +0100

On 3/20/22 12:13 AM, Maxime Devos wrote:
> fesoj000 schreef op za 19-03-2022 om 12:34 [+0100]:
>> +        (let* ((previous-umask (umask #o077)))
>> +          (mkdir-p "/var/log/audit")
>> +          (umask previous-umask)))))
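Review bot: the `(umask previous-umask)` call after `mkdir-p` only runs on normal return, so if `mkdir-p` raises, the process keeps umask #o077 for everything it creates afterwards. Putting the three steps in `dynamic-wind` (set the umask in the in-guard, call `mkdir-p` in the body, restore in the out-guard) restores it on any exit. The restrictive umask also applies to every missing parent that `mkdir-p` creates, not only `/var/log/audit`, and a directory that already exists keeps whatever mode it has, so the mode of a pre-existing `/var/log/audit` still needs a separate check.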
> 
> I cannot recommend this, what if 'mkdir-p' throws an exception?
> That might cause problems.  Or maybe not, but it would require
> some analysis that can be avoided with 'mkdir-p/perms'.
Hm, but I still have to set umask to prevent TOCTOU, the
implementation of 'mkdir-p/perms' does not take care of that.

BR
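
The umask approach discussed in this message, written so the previous umask is restored even when directory creation throws. This is an added example, not code from the patch or from Guix; `call-with-umask`, `make-private-directory` and the `/tmp` demo path are names assumed for illustration.

```scheme
;; Added example (Guile); not code from the patch or from Guix.
;; call-with-umask and make-private-directory are hypothetical helpers.

(define (call-with-umask mask thunk)
  "Run THUNK with the process umask set to MASK.  The previous umask is
restored on normal return and on non-local exit (for example an exception)."
  (let ((previous #f))
    (dynamic-wind
      (lambda () (set! previous (umask mask)))   ; umask returns the old mask
      thunk
      (lambda () (umask previous)))))

(define (make-private-directory dir)
  "Create DIR so that it never exists with group or other permission bits."
  (call-with-umask #o077
    (lambda ()
      ;; The mode is applied by the mkdir call itself (#o700 masked by
      ;; #o077 is #o700), so there is no later chmod and no window in
      ;; which the directory is more widely accessible.
      (mkdir dir #o700))))

;; Constructed demo path; not the path used by the patch.
(define demo-dir
  (string-append "/tmp/audit-umask-demo-" (number->string (getpid))))

(define umask-before (umask))

(make-private-directory demo-dir)
(format #t "mode of new directory: ~a~%"
        (number->string (stat:perms (stat demo-dir)) 8))

;; Failure path: the directory now exists, so mkdir raises EEXIST.
;; The out-guard of dynamic-wind must still restore the umask.
(catch 'system-error
  (lambda () (make-private-directory demo-dir))
  (lambda args
    (format #t "mkdir raised: ~a~%"
            (strerror (system-error-errno args)))))

(format #t "umask restored after exception: ~a~%"
        (= umask-before (umask)))

(rmdir demo-dir)
```

The umask is process-wide, so in a multi-threaded process other threads that create files while the thunk runs also see the restrictive mask.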




This bug report was last modified 3 years and 85 days ago.
