PERFORCE change 94164 for review
Robert Watson
rwatson at FreeBSD.org
Tue Mar 28 13:32:39 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=94164
Change 94164 by rwatson at rwatson_zoo on 2006/03/28 13:31:30
Add auditfilterd and audit filters to the history file.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/HISTORY#11 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/HISTORY#11 (text+ko) ====
@@ -31,6 +31,11 @@
This code is not built or installed by default.
- auditd now assigns more appropriate syslog levels to its debugging and
error information.
+- Support for audit filters introduced: audit filters are dynamically
+ loaded shared objects that run in the context of a new daemon,
+ auditfilterd. The daemon reads from an audit pipe and feeds both BSM and
+ parsed versions of records to shared objects using a module API. This
+ will provide a framework for the writing of intrusion detection services.
OpenBSM 1.0 alpha 5
@@ -158,4 +163,4 @@
to support reloading of kernel event table.
- Allow comments in /etc/security configuration files.
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#10 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#11 $
More information about the trustedbsd-cvs
mailing list