Re: Possible performance bug
* Linda Knippers (linda.knippers(a)hp.com) wrote:
Would it be better to not allow auditing to be enabled after boot
then? I'm concerned about the case where auditing isn't started
at boot time but enabled later. There could be alot of processes
that won't be audited. If things can't be both dynamic and correct
then I vote for correct.
That would also mean you can't disable dynamically (as it would be
a reboot to turn it back on). This sounds overally restrictive.
I'd vote for documented and left up to admin (with sane default).
It's pretty useful (at least from development perspective ;-) to disable,
then re-enable.