[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] enable /proc/$$/loginuid



--- "Timothy R. Chavez" <chavezt gmail com> wrote:


> Right, and such filtering already exists in the
> kernel and is mostly,
> if not completely, sufficient to meet this goal. 
> What I was getting
> at is that there may be a desire to do additional
> filtering that goes
> above and beyond what the kernel is capable of
> doing.  Thus. this is
> one reason why the audit daemon and not the kernel,
> should be used to
> write out to the actual log file.

Ah, yes. The initial version of SunOS audit
(back in the late 1980's) wrote directly from
the kernel to disk. The lesson was quickly
learned. Log file management, filtering,
notification, and a number of other functions
are much better done in user space code.


=====
Casey Schaufler
casey schaufler-ca com


		
__________________________________ 
Do you Yahoo!? 
All your favorites on one personal page ? Try My Yahoo!
http://my.yahoo.com 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]