[redhat-lspp] RBAC Roles
Dustin Kirkland
dustin.kirkland at us.ibm.com
Tue Sep 20 15:51:05 UTC 2005
On 9/20/05, Steve Grubb <sgrubb at redhat.com> wrote:
> On Tuesday 20 September 2005 09:24, Stephen Smalley wrote:
> > If you want to enable syscall auditing for a given role, then doing
> > so via auditctl is quite reasonable. But for the SELinux permission
> > check auditing, it really has to be handled by SELinux.
>
> Agreed. I guess we should work out these details. We need an API.
> Dustin submitted a patch to add label support and I think we need to
> make some changes to the patch. We also need an API to list what's
> inserted and to delete audit rules from SE Linux.
Just a status update... I've integrated changes addressing most of the
criticism by Amy to the patch. I'm currently building/testing a kernel.
Another revision of this patch should be on the list very very soon.
I'm really hoping that these audit context labels will be integrated
soon.
Dustin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20050920/b199b867/attachment.sig>
More information about the redhat-lspp
mailing list