LSPP audit enablement: example audit records with subj/obj labels

Linda Knippers linda.knippers at hp.com
Thu Oct 20 21:09:28 UTC 2005


Hi Dustin,

> Thus, I'm pasting below a few snippets of the audit logs so that you can
> get an idea of what these labels look like, and how they're falling into
> place.

Thanks for sending this.  It's helpful to see what the records really
look like.  I had been concerned about how much stuff we're adding
to the records, what a CAPP user would see, and whether separating
out the information would be better, but this looks pretty
clean to me, especially considering all the other stuff that's already
in the records.

> At this point, the subj/obj label is simply appended onto the end of the
> existing audit record for the associated subject or object.  Steve has
> mentioned that this will get more complicated when a given subject acts
> on multiple objects (though I haven't found a good way to test this
> behavior yet).

In most cases where there are multiple objects, wouldn't each have its
own record (like the PATH record) so it would be clear which object the
label is for?

> If there are strong feelings one way or another, let's please
> discuss them now.

I used to think the information should be separate but I don't think
so anymore.

Thanks,

-- ljk
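An added example (not from this mail or from the audit project) of what the layout under discussion means for a log consumer: the subj= label sits at the end of the SYSCALL record and each object carries its own obj= label on its own PATH record, so a parser that groups records by audit serial can pair one subject label with several object labels. The record contents and SELinux labels below are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample records following the "type=... msg=audit(secs.ms:serial): k=v ..."
# layout, with subj= / obj= appended at the end of each record (labels are made up).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1129842568.123:456): arch=c000003e syscall=82 success=yes exit=0 pid=1234 auid=500 subj=user_u:user_r:user_t:s0
type=CWD msg=audit(1129842568.123:456):  cwd="/home/alice"
type=PATH msg=audit(1129842568.123:456): item=0 name="old.txt" inode=1001 dev=08:01 mode=0100644 obj=user_u:object_r:user_home_t:s0
type=PATH msg=audit(1129842568.123:456): item=1 name="new.txt" inode=1002 dev=08:01 mode=0100644 obj=user_u:object_r:user_home_t:s1
type=SYSCALL msg=audit(1129842570.900:457): arch=c000003e syscall=2 success=no exit=-13 pid=1234 auid=500 subj=user_u:user_r:user_t:s0
type=PATH msg=audit(1129842570.900:457): item=0 name="/etc/shadow" inode=2002 dev=08:01 mode=0100000 obj=system_u:object_r:shadow_t:s0
"""

HEADER = re.compile(r'^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\):\s*(.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Split one audit line into its type, serial and key=value fields; None if malformed."""
    m = HEADER.match(line)
    if not m:
        return None
    rtype, _ts, serial, rest = m.groups()
    fields = {k: v.strip('"') for k, v in FIELD.findall(rest)}
    return {"type": rtype, "serial": int(serial), "fields": fields}

def group_events(log):
    """Group records by audit serial; all records of one event share the serial."""
    events = defaultdict(list)
    for line in log.splitlines():
        rec = parse_record(line)
        if rec:
            events[rec["serial"]].append(rec)
    return events

def subject_object_pairs(log):
    """For each event return (serial, subj label, [(object name, obj label), ...]).

    The subject label is taken from the SYSCALL record; each PATH record
    contributes its own object label, so multi-object events stay unambiguous."""
    out = []
    for serial, recs in sorted(group_events(log).items()):
        subj = next((r["fields"].get("subj") for r in recs if r["type"] == "SYSCALL"), None)
        objs = [(r["fields"].get("name"), r["fields"].get("obj")) for r in recs if r["type"] == "PATH"]
        out.append((serial, subj, objs))
    return out

if __name__ == "__main__":
    for serial, subj, objs in subject_object_pairs(SAMPLE_LOG):
        print(serial, subj, objs)
```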
