Re: c2 (or c2-like) auditing for Linux

From: Chris Wright (chrisat_private)
Date: Wed Jan 29 2003 - 22:45:07 PST

  • Next message: Crispin Cowan: "Re: c2 (or c2-like) auditing for Linux"

    * Valdis.Kletnieksat_private (Valdis.Kletnieksat_private) wrote:
    > And I'm perfectly happy with that, because that is a reasonable attitude
    > for Linus to take.  Now to figure out what '#ifdef CONFIG_C2_AUDIT' magic
    > is needed for that to happen... :)
    Might be a lot of magic to successfully handle the entry and exit points
    of all audit code paths.  Don't get me wrong, I've felt the experience of
    wanting a better audit trail on live systems.  But LSM gets you much of
    the way to useful auditing.  It may not be CAPP compliant, but that
    doesn't mean it isn't useful.
    Linux Security Modules
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed Jan 29 2003 - 22:46:27 PST