Red Hat Bugzilla – Bug 462441
Fix NUL handling in TTY input auditing
Last modified: 2009-01-20 15:16:50 EST
The patch posted originally for TTY input auditing (#244135) does not handle NUL characters (in TTY input and in AUDIT_USER_TTY records sent from user-space) correctly, potentially allowing the user to bypass TTY auditing. This tracks an additional patch to fix this.
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release. Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products. This request is not yet committed for inclusion in an Update
You can download this test kernel from http://people.redhat.com/dzickus/el5
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.