[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH 1/3] CAPP-compliant file system auditing



On Thursday 31 March 2005 01:08 pm, Stephen Smalley wrote:
> On Thu, 2005-03-31 at 12:17 -0600, Timothy R. Chavez wrote:
> > I suspect there will be questions framed around specific parts of this
> > design and I will address them as they come.  However, please keep in
> > mind that we are not auditing based on content, but "name".
>
> Or possibly location.
>
> > This is _not_ a general purpose file system auditing solution.
>
> Ah, bad statement to make when seeking acceptance into a general purpose
> operating system.  Better to say that this is intended to complement the
> existing support for auditing based on (device,inode) pair to fill a
> specific gap, namely preservation of audit on particular locations
> across transactions?

Can you tell that I'm an inexperienced kernel developer yet :)? Haha.

-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]