Re: [RFC][PATCH] (#2) Prelim in-kernel file system auditing support
On Tue, 2005-01-25 at 15:25 -0600, Timothy R. Chavez wrote:
Any accesses on that inode,
in that namespace (presumably the only access we care about), by an
audited syscall will be noted and sent to userspace. Isn't that
sufficient?
Not quite right: Any access to that inode from any namespace. Another
namespace might simply mean that you have a different path to the inode.
--
Serge Hallyn <serue(a)us.ibm.com>