[PATCH 1/7] audit: implement generic feature setting and retrieving
Richard Guy Briggs
rgb at redhat.com
Thu May 30 17:20:56 UTC 2013
On Fri, May 24, 2013 at 12:11:44PM -0400, Eric Paris wrote:
> The audit_status structure was not designed with extensibility in mind.
> Define a new AUDIT_SET_FEATURE message type which takes a new structure
> of bits where things can be enabled/disabled/locked one at a time. This
> structure should be able to grow in the future while maintaining forward
> and backward compatibility (based loosly on the ideas from capabilities
> and prctl)
>
> This does not actually add any features, but is just infrastructure to
> allow new on/off types of audit system features.
This is the sort of infrastructure that occured to me for the
audit_tty_status structure, when I implemented the password logging
switch...
> Signed-off-by: Eric Paris <eparis at redhat.com>
- RGB
--
Richard Guy Briggs <rbriggs at redhat.com>
Senior Software Engineer
Kernel Security
AMER ENG Base Operating Systems
Remote, Ottawa, Canada
Voice: 1.647.777.2635
Internal: (81) 32635
More information about the Linux-audit
mailing list