Which approach should be taken for audit subsystem
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Fri Apr 11 14:32:53 GMT 2003
On Thu, Apr 10, 2003 at 02:50:27AM -0400, Ilmar S. Habibulin wrote:
+> > I've never been a big fan of system call wrapping as a way to impose
+> > access control or audit mechanisms. One of the problems that is
+> Well, i like this idea only because of zero-kernel modifications. My
+> current work is based on yours' old attempts (plus some openbsd lookats).
CerbNG (avaliable at http://cerber.sourceforge.net) works in this way
and policy that implement audit is trivial:
http://cerber.sourceforge.net/policies/audit.cb
--
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/trustedbsd-audit/attachments/20030411/1497b233/attachment.bin
More information about the trustedbsd-audit
mailing list