SELinux and Auditing of Security-Relevant Files
Colin Walters
walters at redhat.com
Wed Oct 13 22:31:51 UTC 2004
On Wed, 2004-10-13 at 15:16 -0700, Kevin Degnan wrote:
> an easy way to configure SELinux (or another
> tool) to audit these files and record unsuccessful
> access attempts?
SELinux is only consulted *after* the normal DAC checks. So unless
you're willing to give /etc/passwd world-readable DAC permissions, it
won't work.
However, the new auditing infrastructure may be able to help:
http://people.redhat.com/faith/audit/
Maybe Rik or someone else who knows more about it can comment...
More information about the fedora-selinux-list
mailing list