[PATCH] LSM hooks for audit

From: Serge Hallyn (serue@private)
Date: Wed Sep 15 2004 - 06:59:38 PDT

Previous message: Arnulfo F. Simpson: "Can't get it up"
Next in thread: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Reply: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Reply: James Morris: "Re: [PATCH] LSM hooks for audit"
Reply: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
Reply: Chad Hanson: "RE: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Attached is a patch which provides LSM controls over actions related to
the new audit framework.  As a specific example, we might like to have
an "audit role", enabled by selinux or some other LSM, which would be
the only role allowed to add or delete filter rules.

What do people think about adding these hooks, both in general and these
hooks specifically?

thanks,
-serge

-- 
=======================================================
Serge Hallyn
Security Software Engineer, IBM Linux Technology Center
serue@private

text/x-patch attachment: audit-lsm.diff__charset_UTF-8

Previous message: Arnulfo F. Simpson: "Can't get it up"
Next in thread: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Reply: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Reply: James Morris: "Re: [PATCH] LSM hooks for audit"
Reply: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
Reply: Chad Hanson: "RE: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Sep 15 2004 - 05:53:12 PDT