Re: SoC: Distributed Audit Daemon project
- From: "M. Warner Losh" <imp@xxxxxxxxxx>
- Date: Sat, 26 May 2007 02:16:09 -0600 (MDT)
In message: <200705252004.38092.mail@xxxxxxxxxx>
Benjamin Lutz <mail@xxxxxxxxxx> writes:
: On Friday 25 May 2007 01:22:21 Alexey Mikhailov wrote:
: > [...]
: > 2. As I said before initial subject of this project was "Distributed
: > audit daemon". But after some discussions we had decided that this
: > project can be done in more general maner. We can perform distributed
: > logging for any user-space app.
: > [...]
:
: This sounds very similar to syslogd. Is it feasible to make dlogd a drop-in
: replacement for syslogd, at least from a syslog-using-program point of view?
I suspect that it is dealing with different data streams. syslog is
for programs sending text voluntarily. auditd is for pulling audit
trails out of the kernel for which the 'target' programs have no
knowledge that the audit trails are being generated, let alone anyway
to prevent it.
Warner
_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: SoC: Distributed Audit Daemon project
- From: Robert Watson
- Re: SoC: Distributed Audit Daemon project
- References:
- SoC: Distributed Audit Daemon project
- From: Alexey Mikhailov
- Re: SoC: Distributed Audit Daemon project
- From: Benjamin Lutz
- SoC: Distributed Audit Daemon project
- Prev by Date: Re: SoC: Distributed Audit Daemon project
- Next by Date: Problems compiling BUILDING from STABLE
- Previous by thread: Re: SoC: Distributed Audit Daemon project
- Next by thread: Re: SoC: Distributed Audit Daemon project
- Index(es):
Relevant Pages
|
|
