* frm sdsat_private "09/26/01 08:09:17 -0400" | sed '1,$s/^/* /' * * * On Tue, 25 Sep 2001, richard offer wrote: * *> I don't want to keep shadow state to emulate what the kernel is doing, I *> just want to record the directory/file that has been passed to *> sys_chdir() for audit. *> *> Without adding a bunch of new hooks (which is what we initally proposed) *> we're limited to (effectively) multiplexing a lot through permission() *> (and a bunch of other "super hooks", ie setattr() ) * * Isn't audit deferred until a later phase of LSM? Explicit support for audit has been "postponed" until phase 2. CAPP audit is required for all of our security products, therefore we have to cobble something together now, even given the limited audit-friendly feature set of phase 1. * * -- * Stephen D. Smalley, NAI Labs * ssmalleyat_private * richard. ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" _______________________________________________________________________ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Sep 26 2001 - 07:07:37 PDT