[PATCH] audit: file system auditing based on location and name
Greg KH
greg at kroah.com
Mon Jul 11 17:13:40 UTC 2005
On Mon, Jul 11, 2005 at 11:07:17AM -0500, Michael C Thompson wrote:
> > > Ultimately, the part where we differ most, is the processing of information in
> > > fs/dcache.c to give dynamic updates in response to file system activity (such
> > > as attaching audit information to an auditable file whose inode just changed).
> > > I believe this should be kept seperate and not part of this framework nor Inotify.
> > > It's a specific requirement for audit, but not for Inotify. This is one of the places
> > > the two systems are functionally different.
> >
> > I don't think it should be different. If inotify wants to just ignore
> > this information, it can.
>
> Doesn't this mentality bring with it the risk of bloating a framework that
> should be as "trim" as possible?
vs. the mentality that since you are doing something just a bit
different, you should duplicate lots of other functionality too? no.
greg k-h
More information about the Linux-audit
mailing list