sample 5.3 based trusted os ;-)
Martin Englund
Martin.Englund at Sun.COM
Fri Jan 21 20:52:39 GMT 2005
ilmar at watson.org wrote:
> Sun based of cause. Apple BSM code does that.
>
Neat-o! :)
> 2. i've found a file token description in trusted solaris audit manual. as
> i understand, it must be inserted at the beginning and at the end of audit
> trails. The token is inserted, but the ending file token must be corrected
> by auditd daemon. the last is not implemented. I don't know, if file token
> is really needed, i haven't seen it neither in solaris logs, nor in apple
> implementation. And i have no docs, describing it.
>
You have the explanation here:
<http://docs.sun.com/app/docs/doc/816-4557/6maosrjqk?a=view#aparecord-16>
> I hope i understand the question right and answered it.
>
Yupp :)
Will you add an XML output option to praudit[1]? I'm working on a GUI audit
trail viewer, and it would be neat if it could read audit trails from all
systems.
[1] <http://docs.sun.com/app/docs/doc/816-5166/6mbb1kqc0?a=view#OPTIONS>
cheers,
/Martin
--
Martin Englund, Senior Network Security Engineer, Sun IT Security Office
Email: martin.englund at sun.com Time Zone: MEST/UTC+1 PGP: 1024D/4CDCB50F
"The question is not if you are paranoid, it is if you are paranoid enough."
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list