On Fri, 8 Oct 2004 10:21:13 +0200, Arjan van de Ven <arjanv@xxxxxxxxxx> wrote: > On Fri, Oct 08, 2004 at 04:33:41PM +0900, aq wrote: > > > no not LSM, the audit subsystem present in 2.6.8 > > > COFNIG_AUDIT > > > and > > > CONFIG_AUDITSYSCALL > > > > > > > and no, that audit subsystem doesnt enable by default either :-) > > ???? > > > So I think the approach which based on its existent cannot be applied > > on some environments --> that is one drawback. > > please explain whay you mean > I meant that in order to implement your method, auditd must be compiled into the kernel. So far very few kernels from vendors support auditd out of the box. Then the user must recompile the kernel themselves to support auditd --> I think that is not always desired. Regards, AQ -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
