cvs commit: src/sys/security/audit audit_bsm.c

Robert Watson rwatson at
Wed Sep 20 06:23:42 PDT 2006

rwatson     2006-09-20 13:23:40 UTC

  FreeBSD src repository

  Modified files:
    sys/security/audit   audit_bsm.c 
  Rather than allocating all buffer memory for the completed BSM record
  when allocating the record in the first place, allocate the final buffer
  when closing the BSM record.  At that point, more size information is
  available, so a sufficiently large buffer can be allocated.
  This allows the kernel to generate audit records in excess of
  MAXAUDITDATA bytes, but is consistent with Solaris's behavior.  This only
  comes up when auditing command line arguments, in which case we presume
  the administrator really does want the data as they have specified the
  policy flag to gather them.
  Obtained from:  TrustedBSD Project
  MFC after:      3 days
  Revision  Changes    Path
  1.14      +17 -19    src/sys/security/audit/audit_bsm.c

More information about the cvs-src mailing list