Subject: Re: recent change to kern_exec.c for #! interpreters
To: Hubert Feyrer <hubert@feyrer.de>
From: Elad Efrat <elad@NetBSD.org>
List: tech-kern
Date: 08/08/2005 07:12:36

On Sun, 7 Aug 2005, Erik E. Fair wrote:

>> So ... if I were running with acct(2) on, what will I see in the 
>> ac_comm[] field of the structure that is written to the accounting 
>> file? sh? or the name of the script?

The change only comes into effect if Veriexec is enabled. The "logged"
refers to the logs Veriexec produces.

Hubert Feyrer wrote:

> Also, what if you want to verify(exev) several different scripts?

http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/kern/kern_exec.c.diff?r1=1.205&r2=1.207&f=h

That's the change in question. It simply makes sure that you don't
get false logs saying "matching fingerprint for foo.sh". You will get
a "matching fingerprint for /bin/sh", and "no entry for foo.sh" if
there isn't one, or "matching fingerprint for foo.sh" if there is.

-e.

-- 
Elad Efrat
PGP Key ID: 0x666EB914