[grsec] Suggestion: Subject-Audit-Flag
Marc Schiffbauer
marc at schiffbauer.net
Fri Jan 28 04:44:14 EST 2005
Hi,
since there is the "i"nherit object flag now. I changed many
subjects to conatin things like "/usr/bin rxi". This possibly makes
many objects in my ACLs somewhat needless.
If I could set an Audit flag for such a subject I would see when and
why it is used.
To clean up ACLs I could pass the audit flag to every subject and
then remove it for every subject that will be in my logs... any
audit flag remining after some time which I do not get log entries
for could be removed from the ACLs...
Comments?
-Marc
--
+-O . . . o . . . O . . . o . . . O . . . ___ . . . O . . . o .-+
| Ein Service von Links2Linux.de: / o\ RPMs for SuSE |
| --> PackMan! <-- naeheres unter | __| and others |
| http://packman.links2linux.de/ . . . O \__\ . . . O . . . O . |
More information about the grsecurity
mailing list