Skip to content

Commit

Permalink
Merge pull request #104 from Pierre-Gronau-ndaal/patch-43
Browse files Browse the repository at this point in the history 
Update audit.rules
  • Loading branch information
@Neo23x0
Neo23x0 committed Jul 28, 2023
2 parents 80094b2 + 79852cc commit 49de100
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions audit.rules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -420,6 +420,10 @@
-w /usr/sbin/traceroute -p x -k sbin_susp
-w /usr/sbin/ufw -p x -k sbin_susp

### kde4
-a always,exit -F path=/usr/libexec/kde4/kpac_dhcp_helper -F perm=x -F auid>=1000 -F auid!=4294967295 -k T1078_Valid_Accounts
-a always,exit -F path=/usr/libexec/kde4/kdesud -F perm=x -F auid>=1000 -F auid!=4294967295 -k T1078_Valid_Accounts

## dbus-send invocation
### may indicate privilege escalation CVE-2021-3560
-w /usr/bin/dbus-send -p x -k dbus_send
Expand Down

0 comments on commit 49de100

Please sign in to comment.