SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [selinux] Re: identity This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ Maybe in reply to ] [ Next in thread ] From: Rik Faith <faith_at_redhat.com> Date: Wed, 25 Feb 2004 14:51:17 -0500 On Tue 24 Feb 2004 16:45:30 -0600, Joshua Brindle <jbrindle@snu.edu> wrote: > On this note, are any of the selinux distro guys looking at integrating > any specific auditing framework with selinux? I've been working on this and I'll post a patch under a new topic later today (what I've implemented does not currently contain an identity feature, but it could be added without much work). > We've looked at SAL a while back but it was very unsuitable at the > time, and have plans to look at snare, are there others? I have looked at several system-call auditing frameworks but, in general, they: did not integrate with SELinux (which often meant they did a tremendous amount of work that is subsumed by LSM), and they had broader goals (i.e., performance monitoring/tuning or debugging, for which they were willing to take a performance hit that is not reasonable to take for always-on security auditing). > If someone is alreay working on this let me know as I'd like to help. Great! -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Wed 25 Feb 2004 - 14:51:28 EST This message: [ Message body ] Next message: Rik Faith: "Patch for auditing framework" Previous message: Joshua Brindle: "PaX + selinux integration update" Maybe in reply to: Magosányi Árpád: "Re: [selinux] Re: identity" Next in thread: Russell Coker: "Re: identity" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom