
Re: Supplemental Groups

--- Chris Wright <chrisw osdl org> wrote:

> * Klaus Weidner (klaus atsec com) wrote:
> ...
> > Since "subjects" are defined to be processes (running on behalf of
> > users), I'd consider them to be identified by the PID, and the security
> > attributes would be properties of the process but not part of the
> > identity. (A privileged process may change its own security properties,
> > and I'd think it would be weird if that would correspond to a change of
> > identity for that process.)
> OK, I had always considered security attributes to be part of the
> identity.  Thanks for clarification.

This audit trail does not contain sufficient
information to identify what security policy
was enforced on failure, nor does it provide
sufficient information to demonstrate an access
was in fact appropriate.

This may be an audit trail, but it ain't a
security audit trail! The fact that an event
occurred without the information about the
subject and the object is not sufficient for
any analysis. What is the point of this
exercise? Without the subject and object
security attributes, especially those used
to make the access in question, what is this
good for?

Casey Schaufler
casey schaufler-ca com
