Re: [PATCH] enable /proc/$$/loginuid
--- Leigh Purdie <Leigh.Purdie(a)intersectalliance.com>
wrote:
Believe it or not, it still does. :(
The solaris auditd functions as a 'management layer'
for the kernel, but
effectively all it really does, is:
a) turn on/off particular events according to
configurations
in /etc/security/audit_control, audit_event, and
audit_class
b) open a file (eg:
/var/audit/1234567.not-terminated.log), and pass the
file handle + a 'exit auditsvc if disk space falls
below this threshold'
parameter to the auditsvc() system call.
Yerg. Code I wrote before my forehead
meet my bald spot, still in use.
=====
Casey Schaufler
casey(a)schaufler-ca.com
__________________________________
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail