[PATCH] Reporting file descriptors created by pipe and socketpair

John D. Ramsdell ramsdell at mitre.org
Tue Sep 12 21:05:35 UTC 2006


Alexander Viro <aviro at redhat.com> writes:

> Indeed?  And how, pray tell, do you handle e.g. processes A and B
> sending SCM_RIGHTS datagrams to C at the same moment?

We don't.  We do not try to get all information flows.  Our goal is to
recognize common information flow patterns, and suggest SELinux policy
based on the patterns we find.  For example, the Jabber Server has
five main processes, and one of them routes information between the other
four.  We can recognize this pattern, and suggest types and allow
rules consistent with this hub-and-spoke design pattern.

Here is another major reason to prefer autrace over strace:
performance.  We tried to strace a run of an Apache Web Server
compiled with threads support enabled.  It was a disaster.  The only
way we could get useful data was to strace a single-threaded version
of the web server.  I bet we could get useful data on a run of a
multithreaded web server using autrace.

John



