[CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Julian Elischer
julian at freebsd.org
Mon May 26 01:54:44 UTC 2014
On 5/26/14, 5:18 AM, David Chisnall wrote:
> On 25 May 2014, at 21:31, Oliver Pinter <oliver.pntr at gmail.com> wrote:
>
>> On 5/25/14, Dag-Erling Smørgrav <des at des.no> wrote:
>>> Oliver Pinter <oliver.pntr at gmail.com> writes:
>>>> pax_log will be in future a generic pax related logging framework,
>>>> with ratelimiting and other features. It will log user, IP, binary
>>>> name, path, checksum, and others.
>>> What are you using this for? Are you sure you can't use ktrace? It's a
>>> lot more flexible and powerful than you probably realize.
>> Logging to system log, The feature will similar to this in grsecurity:
>> http://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Kernel_Auditing
> It sounds like you actually want to be writing audit events then. See audit(4).
yeah I think the point is not "use ktrace" but "use and/or possibly
extend one of the several already existing methods".
we don't need *another* logging facility.
>
> David
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
>
More information about the freebsd-security
mailing list