[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] context based audit filtering (take 3)



On Wed, 2006-02-22 at 00:17 -0600, Dustin Kirkland wrote:
> > - printk a warning and ignore invalid selinux rules (but still hang on to them
> >   so they may be activated with a later policy reload).
> 
> Interesting...  Is this the recommended approach by the SELinux folks?

Not by me, but Darrel thought it would be important to allowing audit
filters to survive across policy reloads and later revived as
appropriate without needing to reload the audit filters as well.  I'm
not clear that it matters in production environments (versus just policy
development boxes).

-- 
Stephen Smalley
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]