key in syscall audit rules.
Timothy R. Chavez
tinytim at us.ibm.com
Fri May 20 17:56:18 UTC 2005
On Friday 20 May 2005 11:57, David Woodhouse wrote:
> I think this is a solution in search of a problem -- unless someone can
> come up with a convincing use case for syscall rule keys, I think we
> should drop them.
>
I think the original purpose of the syscall keys were to provide user space
the potential for finer grained searching? I'm always in favor of KISS where
it makes sense though. Steve what do you think?
-tim
More information about the Linux-audit
mailing list