Re: suspending a process when audit resource are not available
On Tue, 2004-12-14 at 21:56, Chris Wright wrote:
This adds a requirement to the calling location, namely that it can
sleep. I don't think that requirement is safe without some code
auditing. Also, I don't recall that all audit_log_lost callers are in
the relevant context.
It is certainly not safe for current usage of the audit subsystem by
SELinux.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency