[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: auditing syscalls made 'by' an inode?



On Fri, Jun 8, 2012 at 7:49 AM, Daniel J Walsh <dwalsh redhat com> wrote:

> On thing you could do would be to write a simple SELinux domain, like
> auditproc_t and have unconfined_t transition to it using runcon.

True, but this requires running selinux, which despite all of the
excellent work you guys have put into making that easy (easier), is
still a non-starter for some people.

Cheers,
peter

-- 
Peter Moody      Google    1.650.253.7306
Security Engineer  pgp:0xC3410038


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]