[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] (#2) Prelim in-kernel file system auditing support



On Tue, 25 Jan 2005 09:40:00 PST, Casey Schaufler said:

> What are the implications regarding a chroot
> environment? I can imagine (although it strikes
> me as somewhat insane) an admin wanting to audit
> everything that goes on in a chroot environment,
> say for a honeypot. The watching would have to
> be enabled from outside. Not a bad thing, but is
> it what you want?

Well, from where I'm sitting, *if* you buy into the idea of
a honeypot as being sane, you *definitely* want to be able
to enable auditing from "outside".

Attachment: pgp00004.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]