Re: integrity: audit

From: Steve Grubb
Date: Fri Feb 06 2009 - 11:34:28 EST

Next message: Randy Dunlap: "Re: cciss: WARNING/BUG in do_cciss_intr (it's back)"
Previous message: Ingo Molnar: "Re: [linux-next][PATCH] revert headers_check fix: ia64, fpu.h"
In reply to: Mimi Zohar: "Re: integrity: audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Friday 06 February 2009 11:15:14 am Mimi Zohar wrote:
> The integrity auditing discussions took place a while ago in August 2007
> (http://osdir.com/ml/linux.redhat.security.audit/2007-09/msg00007.html).

Thanks for the refresh. Its been so long, I forgot about this. :) Re-reading
the thread, we never had closure on the audit event format.

> The integrity patches are in security-testing-2.6/#next and the auditd
> patch I just posted to linux-audit. How do you suggest we go forward?

We need to go over the event format and make sure its got everything we need
in it. We also need to review the code that touches the audit system and make
sure its using the audit API the way we intended. I'd like to do this on the
linux-audit mail list so there is a record of it in the audit archives.

Thanks,
-Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy Dunlap: "Re: cciss: WARNING/BUG in do_cciss_intr (it's back)"
Previous message: Ingo Molnar: "Re: [linux-next][PATCH] revert headers_check fix: ia64, fpu.h"
In reply to: Mimi Zohar: "Re: integrity: audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]