| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160711170711.GB3337@htj.duckdns.org> Date: Mon, 11 Jul 2016 13:09:37 -0400 From: Tejun Heo <tj@...nel.org> To: Topi Miettinen <toiwoton@...il.com> Cc: linux-kernel@...r.kernel.org, ebiederm@...ssion.com, mladek@...e.com, luto@...nel.org, serge@...lyn.com, keescook@...omium.org, Paul Moore <paul@...l-moore.com>, Eric Paris <eparis@...hat.com>, Li Zefan <lizefan@...wei.com>, Johannes Weiner <hannes@...xchg.org>, Serge Hallyn <serge.hallyn@...onical.com>, "moderated list:AUDIT SUBSYSTEM" <linux-audit@...hat.com>, "open list:CONTROL GROUP (CGROUP)" <cgroups@...r.kernel.org>, "open list:CAPABILITIES" <linux-security-module@...r.kernel.org> Subject: Re: [PATCH] capabilities: audit capability use Hello, On Mon, Jul 11, 2016 at 02:14:31PM +0300, Topi Miettinen wrote: > [ 28.443674] audit: type=1327 audit(1468234333.144:520): proctitle=6D6B6E6F64002F6465762F7A5F343639006300310032 > [ 28.465888] audit: type=1330 audit(1468234333.144:520): cap_used=0000000008000000 > [ 28.482080] audit: type=1331 audit(1468234333.144:520): cgroups=:/test; Please don't put additions of the two different audit types into one patch and I don't think the cgroup audit logging makes much sense. Without logging all migrations, it doesn't help auditing all that much. Also, printing all cgroup membership like that can be problematic for audit it can be arbitrarily long. Thanks. -- tejun
Powered by blists - more mailing lists