GNU bug report logs - #54309
[PATCH] services: auditd: use exclusive log directory for auditd

Reported by: fesoj000 <fesoj000 <at> gmail.com>

Date: Wed, 9 Mar 2022 19:22:02 UTC

Severity: normal

Tags: patch

View this message in rfc822 format

From: Maxime Devos <maximedevos <at> telenet.be>
To: fesoj000 <fesoj000 <at> gmail.com>, 54309 <at> debbugs.gnu.org
Subject: [bug#54309] [PATCH] services: auditd: use exclusive log directory for auditd
Date: Sun, 20 Mar 2022 21:35:13 +0100

[Message part 1 (text/plain, inline)]

Maxime Devos schreef op zo 20-03-2022 om 21:30 [+0100]:
> fesoj000 schreef op zo 20-03-2022 om 21:22 [+0100]:
> > > I cannot recommend this, what if 'mkdir-p' throws an exception?
> > > That might cause problems.  Or maybe not, but it would require
> > > some analysis that can be avoided with 'mkdir-p/perms'.
> > Hm, but i still have to set umask to prevent TOCTOU, the
> > implementation of 'mkdir-p/perms' does not take care of that.
> 
> mkdir-p/perms could be modified to take care of that.
> If that is done, then other users of mkdir-p/perms would benefit as
> well.
> 
> To implement this, I recommend using the prodecures from
> <https://lists.gnu.org/archive/html/guile-devel/2021-11/msg00005.html
> > 
> -- that patch was written to remove the TOCTOU!

It seems to be ignored so far upstream, so I'll look into defining
a Guile package variant that can be used by the activation code.

Greetings,
Maxime.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 3 years and 85 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #54309 [PATCH] services: auditd: use exclusive log directory for auditd

GNU bug report logs - #54309
[PATCH] services: auditd: use exclusive log directory for auditd