[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Supplemental Groups



* Casey Schaufler (casey schaufler-ca com) wrote:
> --- Chris Wright <chrisw osdl org> wrote:
> > 
> > OK, I had always considered security attributes to
> > be part of the
> > identity.  Thanks for clarification.
> 
> This audit trail does not contain sufficient
> information to identify what security policy
> was enforced on failure, nor does it provide
> sufficient information to demonstrate an access
> was in fact appropriate.

It's CAPP vs. useful ;-)

> This may be an audit trail, but it ain't a
> security audit trail! The fact that an event
> occurred without the information about the
> subject and the object is not sufficient for
> any analysis. What is the point of this
> exercise? Without the subject and object
> security attributes, especially those used
> to make the access in question, what is this
> good for?

Most of these things are there, we're just identifying what's missing.
I don't think anyone believes they aren't useful (however, we won't be
tracking which bit gave access, that'd have to be deduced).

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]