Chris Adams (cmadams@xxxxxxxxxx) said: > Then later, Steve Grubb <sgrubb@xxxxxxxxxx> said: > > > So "cat >> /etc/shadow" is audited? > > > > Of course. > > So cat will have to be setuid root so it can audit? What about echo, > bash, perl, etc.? > > This is absurd. As stated earlier, that's done by auditing of the access to the file itself. Bill -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list