Re: [PATCH] LSM hooks for audit

From: Stephen Smalley (sds@private)
Date: Wed Sep 15 2004 - 08:05:28 PDT

Previous message: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
In reply to: Serge Hallyn: "Re: [PATCH] LSM hooks for audit"
Next in thread: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Next in thread: James Morris: "Re: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Wed, 2004-09-15 at 10:32, Serge Hallyn wrote:
> The last one is the most dubious one in my mind, but we do want to
> prevent a user from sending fake login audit messages, either to mislead
> the auditor or to fill the log with garbage.

I agree that it should be controlled, and so should AUDIT_USER; you
don't want arbitrary processes being able to flood the logs.

-- 
Stephen Smalley <sds@private>
National Security Agency

Previous message: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
In reply to: Serge Hallyn: "Re: [PATCH] LSM hooks for audit"
Next in thread: Crispin Cowan: "Re: [PATCH] LSM hooks for audit"
Next in thread: James Morris: "Re: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Sep 15 2004 - 08:08:12 PDT