tech-kern: Re: recent change to kern_exec.c for #! interpreters

Subject: Re: recent change to kern_exec.c for #! interpreters
To: None <elad@netbsd.org>
From: Hubert Feyrer <hubert@feyrer.de>
List: tech-kern
Date: 08/08/2005 05:19:46

On Sun, 7 Aug 2005, Erik E. Fair wrote:
>> Modified Files:
>> 	src/sys/kern: kern_exec.c
>> 
>> Log Message:
>> Use real executed program in logs instead of the script that was executed.
>> 
>> For example, this used to give false logs of matching fingerprint for
>> foo.sh while foo.sh don't have an entry, and the program executed (and
>> matching the fingerprint) is the interpreter - /bin/sh.
...
> So ... if I were running with acct(2) on, what will I see in the ac_comm[] 
> field of the structure that is written to the accounting file? sh? or the 
> name of the script?
>
> I submit that if it is the former, this is not a good change.

Also, what if you want to verify(exev) several different scripts?


  - Hubert