----- Original Message -----
I still detest the idea of tying the audit namespace to the user
namespace. My NAK still stands on any such patches.
I'd think that disjoint namespaces (like networking) instead of
hierarchical namespaces (like user) would be a lot easier to do. My
thoughts have always been about completely disjoint audit namespaces and
I may have missed the nuance of some of your discussion because it
didn't really dawn on me you seem to have always been discussing
hierarchical audit namespaces.
I'm wondering if we want/need both?
Would it be possible to avoid adding more dimensions to the namespace matrix? I
appreciate that the flexibility allows a wide range of use cases, however it also makes
reasoning about the security properties extremely difficult.
(If only there were a way to put the genie back in the bottle and have the kernel
explicitly recognize something like "virt-like container" or
"webhosting-like application isolation" as kernel-space concepts and
objects...)
Mirek