Re: Preferred subj= with multiple LSMs
On Tue, 16 Jul 2019, Paul Moore wrote:
The subj_X approach is still backwards compatible, the difference is
that old versions of the tools get a "?" for the LSM creds which is a
rather sane way of indicating something is different.
This will still break existing userspace, right? We can't do that.
Once again, I believe that the subj_X approach is going to be faster
than safely parsing the multiplexed format.
What about emitting one audit record for each LSM?
--
James Morris
<jmorris(a)namei.org>