Key based rate limiter (audit_set_rate_limit)
Anurag Aggarwal
anurag19aggarwal at gmail.com
Thu Mar 9 06:16:27 UTC 2023
>
> However, I am fairly skeptical that we could add per-key rate limiting
> without introducing a non-trivial amount of overhead to record
> generation, which would be a show stopper for this feature given its
> expected limited appeal.
>
I understand the reservation. I will spend some time to analyze it impact
Steve, about your comment:
> There just really isn't room to add more thinkgs without some userspace API
> problem. (This would definitely need a feaure bitmap so user space can make
> sense of it.)
I was not aware that this could cause problems in the userspace API.
Key based filtering for rate limiting could be a useful feature. It is
something that would
help us a lot.
--
Anurag Aggarwal
More information about the Linux-audit
mailing list