Anyway here are the most recent diffs. I've taken Roberts suggestions
into consideration here and I've included the command line in the audit
record. I am not sure that Apple is doing this.
One other area I need to dig a bit further into is the selection code.
On Sun, Nov 30, 2008 at 05:49:22PM -0500, Todd C. Miller wrote:
In message <2008...@jnz.sqrt.ca>
so spake Christian Peron (csjp):
I would like to propose a patch to add BSM audit support to sudo. This patch
and associated files adds support for the Sun's Basic Security Module (BSM)
Audit API and file format. It should be noted that currently FreeBSD, OS X
and Solaris use BSM. I have not tested on Solaris or OS X but, this patch
should build on both. This is a starting point, it's possible that I could
be missing some key error conditions which require auditing.
As luck would have it I was reviewing the Apple BSD audit patches
recently. It's too late for this to go into sudo 1.7.0 but I'd
like to have official support for BSM and Linux auditing in version
I don't see the bsm_audit.c file in your diff, BTW.