| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1257790873.2994.25.camel@dhcp231-106.rdu.redhat.com> Date: Mon, 09 Nov 2009 13:21:13 -0500 From: Eric Paris <eparis@...hat.com> To: Miloslav Trmač <mitr@...hat.com> Cc: viro@...iv.linux.org.uk, linux-audit@...hat.com, linux-kernel@...r.kernel.org Subject: Re: [PATCH] audit: Match SELinux context in "user" records On Mon, 2009-11-09 at 16:10 +0100, Miloslav Trmač wrote: > From: Miloslav Trmac <mitr@...hat.com> > > Add support for matching by security label (e.g. SELinux context) of > the sender of an user-space audit record. > > The audit filter code already allows user space to configure such > filters, but they were ignored during evaluation. This patch implements > evaluation of these filters. > > For example, after application of this patch, PAM authentication logs > caused by cron can be disabled using > auditctl -a user,never -F subj_type=crond_t > > Signed-off-by: Miloslav Trmac <mitr@...hat.com> I wish there was a way to stop sending these instead of dropping them later, but the functionality itself is not a horrid idea and this isn't a performance hot list (like the syscall list) so..... Acked-by: Eric Paris <eparis@...hat.com> (I actually talked to Al about it already and he'll queue it up for the next merge window) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists