[redhat-lspp] userdomain policy question ..
Klaus Weidner
klaus at atsec.com
Fri Aug 11 06:10:45 UTC 2006
On Thu, Aug 10, 2006 at 11:56:53AM -0400, Daniel J Walsh wrote:
> Janak Desai wrote:
> >Dan, in your opinion is a loadable module the best way to handle
> >this? I guess since the existing allow/fscreate line is in
> >base_user_template a module can apply the change only for
> >lspp evaluation system.
> >
> If this is an MLS requirement we can put it in the MLS Policy. Still
> waiting to hear sgrubb
> opinion since he is not crazy about auditallow rules. And he is in
> Orlando this week.
It's an LSPP requirement that the system is *able* to audit this, but
it's not required to permanently configure it to generate these events.
(The same logic applies to all the audit requirements.) I think it would
be appropriate to put it into a loadable module shipped as an example
and/or customization starting point in the evaluated config setup script.
-Klaus
More information about the redhat-lspp
mailing list