[PATCH V6 05/10] audit: log creation and deletion of namespace instances
LC Bruzenak
lenny at magitekltd.com
Thu May 14 16:36:41 UTC 2015
On 05/14/2015 11:21 AM, Steve Grubb wrote:
> Then I'd suggest we either scrap this set of patches and forget auditing of
> containers. (This would have the effect of disallowing them in a lot of
> environments because violations of security policy can't be detected.)
Again +1.
I personally have envisioned a use-case in which I feel containers would
be architecturally ideal, however in my situation, and I'm fairly sure
anyone for whom the security requirements matter (i.e. WHY we use
SELinux in the first place), this is mandatory.
Without context-aware definitive audit records which discretely identify
people/actions/objects, the use of any otherwise attractive technology
is untenable.
LCB
--
LC (Lenny) Bruzenak
lenny at magitekltd.com