[PATCH 2/2] security/smack implement logging V3
Eric Paris
eparis at redhat.com
Mon Apr 13 18:53:27 UTC 2009
On Wed, 2009-04-08 at 20:40 +0200, Etienne Basset wrote:
> the following patch, add logging of Smack security decisions.
> This is of course very useful to understand what your current smack policy does.
> As suggested by Casey, it also now forbids labels with ', " or \
>
> It introduces a '/smack/logging' switch :
> 0: no logging
> 1: log denied (default)
> 2: log accepted
> 3: log denied&accepted
>
>
> Signed-off-by: Etienne Basset <etienne.basset at numericable.fr>
Acked-by: Eric Paris <eparis at redhat.com>
I don't think it's worth doing now, but if for some reason you have to
make another round....
smk_ad_setfield_u_tsk and friends could be generic functions since
SELinux could use them just as well to clear up some of their code.
More information about the Linux-audit
mailing list