Bug#287100: CONFIG_AUDIT is indeed fairly critical for

To: 287100@bugs.debian.org
Subject: Bug#287100: CONFIG_AUDIT is indeed fairly critical for
From: Manoj Srivastava <srivasta@debian.org>
Date: Thu, 20 Jan 2005 09:47:04 -0600
Message-id: <[🔎] 87pt00rtl3.fsf@glaurung.internal.golden-gryphon.com>
Reply-to: Manoj Srivastava <srivasta@debian.org>, 287100@bugs.debian.org

Hi,

        CONFIG_AUDIT is required to have Se-Linux be usefully
 deployed, since without tht we can't even test any other aspect of
 Se-Linux functionality in the Debian kernel image packages. Without
 audit, any modifications needed to policy are hard to discover, since
 policy violations are just silently blocked -- even if that is not
 the desired option. Also, as a user, it is nice to know when attempts
 are made that violate security polices ;-)

	Indeed, this is what Kconfig says in 2.6.10:
======================================================================
config AUDIT
        bool "Auditing support"
        default y if SECURITY_SELINUX
        default n
        help
          Enable auditing infrastructure that can be used with another
          kernel subsystem, such as SELinux (which requires this for
          logging of avc messages output).  Does not do system-call
          auditing without CONFIG_AUDITSYSCALL.
======================================================================

	Adding AUDIT has a very minimal affect on the size of the
 resulting image.

	manoj
-- 
A computer scientist is someone who fixes things that aren't broken.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

Prev by Date: Bug#291357: kernel-source-2.4.27: SIGHUP not being sent when controlling process exits
Next by Date: Bug#291217: NFS-ACL patches for kernel 2.6.9rc2
Previous by thread: Bug#274720: enumerating kernels where IDE detection fails
Next by thread: Bug#291217: NFS-ACL patches for kernel 2.6.9rc2
Index(es):
- Date
- Thread