Minor Status Update
Andrew R. Reiter
arr at FreeBSD.org
Thu Jan 17 21:13:48 GMT 2002
Recent Progress
---------------
- Perforce tree has been integ'd (specifically sys/ and usr.sbin/config/
directories)
- audit.h committed
- Basic audit format
- Audit record pool structure
- POSIX.1E defined event specific information data structures &
#defines. Still need to define some areas taht need to be
audit-aware, but are not specified in POSIX.1E
These data structures might also be different from POSIX.1E
in order to beef up their reporting.
To Do
-----
- Commit audit record pool framework (audit record specific allocator)
- create/destroy pools
- alloc/free records from pool
- Commit audit record write framework
- work out kernel thread design (partially done, but KSEs?)
- perhaps make more flexible if we're doing lazy writing... perhaps to
add priority writes, etc. (WRITE_IMMEDIATE, WRITE_WAITOK ??)
- Make auditable functions audit-aware
- Much much more...
Comments and/or Questions appreciated.
--
Andrew R. Reiter
arr at watson.org
arr at FreeBSD.org
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-audit" in the body of the message
More information about the trustedbsd-audit
mailing list