lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Mon, 09 Nov 2009 13:21:13 -0500
From:	Eric Paris <>
To:	Miloslav Trmač <>
Subject: Re: [PATCH] audit: Match SELinux context in "user" records

On Mon, 2009-11-09 at 16:10 +0100, Miloslav Trmač wrote:
> From: Miloslav Trmac <>
> Add support for matching by security label (e.g. SELinux context) of
> the sender of an user-space audit record.
> The audit filter code already allows user space to configure such
> filters, but they were ignored during evaluation.  This patch implements
> evaluation of these filters.
> For example, after application of this patch, PAM authentication logs
> caused by cron can be disabled using
> 	auditctl -a user,never -F subj_type=crond_t
> Signed-off-by: Miloslav Trmac <>

I wish there was a way to stop sending these instead of dropping them
later, but the functionality itself is not a horrid idea and this isn't
a performance hot list (like the syscall list)  so.....

Acked-by: Eric Paris <>

(I actually talked to Al about it already and he'll queue it up for the
next merge window)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists