Re: Linus: [PATCH] (for 2.3.99pre6) audit_ids system calls

From: David A. Wagner (daw@cs.berkeley.edu)
Date: Thu May 04 2000 - 15:44:52 EST


In article <39110943.6AE56341@sgi.com>, Linda Walsh <law@sgi.com> wrote:
> Anyway the requirement is to write an audit record that contains
> the luid. I don't think postprocessing qualifies.

Then go fix the requirement. :-)
Sometimes the right way to honor[1] a (broken) specification is
to refuse to honor[2] it...

If you worry about space overhead for long-running systems,
two words: garbage collection. Nothing says the user-level agent
must *retain* old irrelevant audit events. (If the only state
the user-level agent cares about is the luid and sess_id of each
process, then that really is the only state it needs to retain!)

If you worry about time overhead, consider using a ring-buffer
and periodically flushing its contents to user-level to amortize
the context-switch overhead over many events.

(And, add a flag so users who don't want
audit events won't ever pay any overhead.)

In short: I haven't seen any show-stopping objections so far...
(That doesn't mean there aren't any, of course!)
What do you think?

honor, trans. verb:
  1. to regard or treat with honor or respect
  2. to live up to or fulfill the terms of
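
The user-level agent sketched in the message above, as an added example that is not part of the original post or of any kernel patch: it keeps only a pid to (luid, sess_id) table, stamps audit records during postprocessing, and drops an entry when its process exits. The event format, the names `agent_drain` and `find`, and the batch array standing in for one flush of the kernel ring buffer are all assumptions.

```c
#include <stdio.h>
/* Hypothetical event format (constructed; the thread defines none).
 * EV_FORK: a = parent pid.  EV_SETLUID: a = luid, b = sess_id. */
enum ev_type { EV_FORK, EV_SETLUID, EV_EXIT, EV_AUDIT };
struct event { enum ev_type type; int pid, a, b; };
struct proc { int pid, luid, sess_id, live; };
#define MAX_PROCS 64
static struct proc table[MAX_PROCS];    /* the only state the agent keeps */

static struct proc *find(int pid, int create) {  /* create: claim a free slot if absent */
    struct proc *spare = NULL;
    for (int i = 0; i < MAX_PROCS; i++) {
        if (table[i].live && table[i].pid == pid) return &table[i];
        if (!table[i].live && !spare) spare = &table[i];
    }
    if (create && spare) *spare = (struct proc){ pid, -1, -1, 1 };
    return create ? spare : NULL;
}

/* Consume one batch flushed from the kernel buffer. EV_AUDIT records are stamped
 * in place (a = luid, b = sess_id, -1 if unknown). Returns entries still retained. */
int agent_drain(struct event *ev, int n) {
    for (struct event *e = ev; e < ev + n; e++) {
        struct proc *p = find(e->pid, e->type == EV_FORK || e->type == EV_SETLUID);
        struct proc *par = e->type == EV_FORK ? find(e->a, 0) : NULL;
        if (e->type == EV_AUDIT) {          /* postprocess: attach the ids */
            e->a = p ? p->luid : -1; e->b = p ? p->sess_id : -1;
        }
        if (!p) continue;                   /* unknown pid or table full */
        if (e->type == EV_FORK) {           /* child inherits the parent's ids */
            p->luid = par ? par->luid : -1; p->sess_id = par ? par->sess_id : -1;
        } else if (e->type == EV_SETLUID) {
            p->luid = e->a; p->sess_id = e->b;
        } else if (e->type == EV_EXIT) {
            p->live = 0;                    /* garbage-collect the entry */
        }
    }
    int kept = 0;
    for (int i = 0; i < MAX_PROCS; i++) kept += table[i].live;
    return kept;
}

int main(void) {                            /* constructed sample batch below */
    struct event batch[] = { { EV_SETLUID, 100, 500, 7 }, { EV_FORK, 101, 100, 0 },
        { EV_EXIT, 100, 0, 0 }, { EV_AUDIT, 101, 0, 0 }, { EV_EXIT, 101, 0, 0 } };
    int kept = agent_drain(batch, 5);
    printf("audit pid=%d luid=%d sess_id=%d kept=%d\n", batch[3].pid, batch[3].a, batch[3].b, kept);
    return 0;
}
```

An audit record for a pid the agent never saw fork or set its luid is stamped -1, so the agent has to start consuming events before the processes it is expected to attribute.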




This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:16 EST