key in syscall audit rules.
David Woodhouse
dwmw2 at infradead.org
Wed May 18 05:29:46 UTC 2005
On Tue, 2005-05-17 at 16:47 -0400, Steve Grubb wrote:
> > The way it's done, you have 4 milliard possible keys for
> > syscall auditing rules. Do you really think that's insufficient?
>
> Its not that its insufficient - its not the same. The patch uses a number
> while filesystem auditing is a text string.
How about we change the latter then?
--
dwmw2
More information about the Linux-audit
mailing list