--- "Timothy R. Chavez" <chavezt(a)gmail.com> wrote:
> Right, and such filtering already exists in the kernel and is mostly,
> if not completely, sufficient to meet this goal. What I was getting
> at is that there may be a desire to do additional filtering that goes
> above and beyond what the kernel is capable of doing. Thus, this is
> one reason why the audit daemon, and not the kernel, should be used to
> write out to the actual log file.

Ah, yes. The initial version of SunOS audit
(back in the late 1980's) wrote directly from
the kernel to disk. The lesson was quickly
learned. Log file management, filtering,
notification, and a number of other functions
are much better done in user space code.
=====
Casey Schaufler
casey(a)schaufler-ca.com