diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2008-08-25 13:50:01 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2008-08-25 13:50:01 +0000 |
| commit | 3f3978840ef31561d231ee1b7c8b0488341a7c20 (patch) | |
| tree | e48dabc39cfaec1bb363e91183039111432a9e4f | |
| parent | 710668615af4b786dae271625bb3fdaea1d22eff (diff) | |
Notes
| -rw-r--r-- | sys/kern/kern_exec.c | 2 | ||||
| -rw-r--r-- | sys/security/audit/audit_bsm.c | 7 |
2 files changed, 9 insertions, 0 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 0d1e871d4154..8ea45d5b1e13 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -412,11 +412,13 @@ interpret: binvp = ndp->ni_vp; imgp->vp = binvp; } else { + AUDIT_ARG(fd, args->fd); error = fgetvp(td, args->fd, &binvp); if (error) goto exec_fail; vfslocked = VFS_LOCK_GIANT(binvp->v_mount); vn_lock(binvp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG(vnode, binvp, ARG_VNODE1); imgp->vp = binvp; } diff --git a/sys/security/audit/audit_bsm.c b/sys/security/audit/audit_bsm.c index a7fbb210994e..e06072705248 100644 --- a/sys/security/audit/audit_bsm.c +++ b/sys/security/audit/audit_bsm.c @@ -762,6 +762,13 @@ kaudit_to_bsm(struct kaudit_record *kar, struct au_record **pau) EXTATTR_TOKENS; break; + case AUE_FEXECVE: + if (ARG_IS_VALID(kar, ARG_FD)) { + tok = au_to_arg32(1, "fd", ar->ar_arg_fd); + kau_write(rec, tok); + } + /* FALLTHROUGH */ + case AUE_EXECVE: if (ARG_IS_VALID(kar, ARG_ARGV)) { tok = au_to_exec_args(ar->ar_arg_argv, |