On Saturday 06 December 2008 12:59:33 Jesse Keating wrote: > Er, so you have to be root, in order to be audited? No, you have to have CAP_AUDIT_WRITE to send audit events. > Doesn't that sound rather um... bad planning? No, its working rather well. > Doesn't that mean a non-root user can bang on a binary all day long and > never get audited? Nope, we took the perms away. Problem solved. :) -Steve -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
