--- Chris Wright <chrisw(a)osdl.org> wrote:
> It's CAPP vs. useful ;-)

Then why bother?

> > This may be an audit trail, but it ain't a
> > security audit trail! The fact that an event
> > occurred without the information about the
> > subject and the object is not sufficient for
> > any analysis. What is the point of this
> > exercise? Without the subject and object
> > security attributes, especially those used
> > to make the access in question, what is this
> > good for?
>
> Most of these things are there, we're just
> identifying what's missing.
> I don't think anyone believes they aren't useful
> (however, we won't be tracking which bit gave
> access, that'd have to be deduced).

Why not? Other systems do it. Dickins, even
MicroSoft can do that!
=====
Casey Schaufler
casey(a)schaufler-ca.com