[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] enable /proc/$$/loginuid



On Mon, 2005-01-17 at 13:28 -0600, Timothy R. Chavez wrote:

Although I think this bit is still up for discussion:

> Right, and such filtering already exists in the kernel and is mostly,
> if not completely, sufficient to meet this goal.

I absolutely agree with this:

> What I was getting
> at is that there may be a desire to do additional filtering that goes
> above and beyond what the kernel is capable of doing.  Thus. this is
> one reason why the audit daemon and not the kernel, should be used to
> write out to the actual log file.

Note though, that the Solaris approach of passing a pipe file descriptor
to the kernel may still be a viable alternative if people REALLY want to
go down this path (wouldn't recommend it though, based on all the
troubles Sun have had with this approach).

L.
-- 
Leigh Purdie, Director - InterSect Alliance Pty Ltd
http://www.intersectalliance.com/


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]