Bug#287100: CONFIG_AUDIT is indeed fairly critical for
Hi,
CONFIG_AUDIT is required to have Se-Linux be usefully
deployed, since without tht we can't even test any other aspect of
Se-Linux functionality in the Debian kernel image packages. Without
audit, any modifications needed to policy are hard to discover, since
policy violations are just silently blocked -- even if that is not
the desired option. Also, as a user, it is nice to know when attempts
are made that violate security polices ;-)
Indeed, this is what Kconfig says in 2.6.10:
======================================================================
config AUDIT
bool "Auditing support"
default y if SECURITY_SELINUX
default n
help
Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
logging of avc messages output). Does not do system-call
auditing without CONFIG_AUDITSYSCALL.
======================================================================
Adding AUDIT has a very minimal affect on the size of the
resulting image.
manoj
--
A computer scientist is someone who fixes things that aren't broken.
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: