[PATCH] execve argument logging
Steve Grubb
sgrubb at redhat.com
Fri Apr 21 20:23:39 UTC 2006
On Friday 21 April 2006 16:19, Valdis.Kletnieks at vt.edu wrote:
> Does this allow an attacker to DoS the audit log by creating a fork/exec
> loop intentionally invoking a totally duff binary, but that includes a very
> long argument?
I personally haven't tried. Try it and let us know if you can DoS the machine.
> Maybe a "first 32/64 bytes of each argument" limit is needed? Or is there
> one there and I missed it?
There's no limit other than what the kernel imposes.
-Steve
More information about the Linux-audit
mailing list