
RE: [PATCH] LSM hooks for audit: msg#00049

linux.kernel.lsm

Subject: RE: [PATCH] LSM hooks for audit


I would agree with Stephen with adding this restriction as well. If the
audit logs aren't trustworthy, the usefulness of them is minimized.

-Chad

-----Original Message-----
From: Stephen Smalley [mailto:sds@xxxxxxxxxxxxxx]
Sent: Wednesday, September 15, 2004 10:05 AM
To: Serge E. Hallyn
Cc: lsm; Crispin Cowan
Subject: Re: [PATCH] LSM hooks for audit


On Wed, 2004-09-15 at 10:32, Serge Hallyn wrote:
> The last one is the most dubious one in my mind, but we do want to
> prevent a user from sending fake login audit messages, either to mislead
> the auditor or to fill the log with garbage.

I agree that it should be controlled, and so should AUDIT_USER; you
don't want arbitrary processes being able to flood the logs.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency


