using selinux to control user access to files

Steve G linux_4ever at yahoo.com
Tue May 10 17:57:20 UTC 2005


>In my work environmnt, we work with some sensitive data, and we must have audit
>trail whenever some types of files are touched (or we would fail external
audits,
>which translates to lost jobs, simple as that).  Problem with using Linux so far
>was lack of good auditing tools.

This is all in work. The 0.7.4 audit package has some information about setting
file watches (auditctl -w -p ). However, you need to have a kernel that's patched
for it. We are still peer reviewing this capability. I think we have just a few
more locking issues to solve and then it will be sent to lkml. I have put the
tools into FC4 so that when the file system auditing patch does go upstream & you
do a kernel update, everything starts working.

-Steve Grubb


		
__________________________________ 
Yahoo! Mail Mobile 
Take Yahoo! Mail with you! Check email on your mobile phone. 
http://mobile.yahoo.com/learn/mail 




More information about the fedora-selinux-list mailing list