From owner-freebsd-security Mon Sep 20 3:23:45 1999 Delivered-To: freebsd-security@freebsd.org Received: from eltex.ru (ELTEX-2-SPIIRAS.nw.ru [195.19.204.46]) by hub.freebsd.org (Postfix) with ESMTP id 1B9FB14F0C for ; Mon, 20 Sep 1999 03:23:34 -0700 (PDT) (envelope-from ark@eltex.ru) Received: from yaksha.eltex.ru (root@yaksha.eltex.ru [195.19.198.2]) by eltex.ru (8.9.3/8.9.3) with SMTP id OAA18604 for ; Mon, 20 Sep 1999 14:23:19 +0400 (MSD) Received: by yaksha.eltex.ru (ssmtp TIS-0.5alpha, 19 Oct 1998); Mon, 20 Sep 1999 14:21:05 +0400 Received: from undisclosed-intranet-sender id xma026255; Mon, 20 Sep 99 14:20:56 +0400 Date: Mon, 20 Sep 1999 14:21:17 +0400 Message-Id: <199909201021.OAA00729@paranoid.eltex.spb.ru> From: ark@eltex.ru Organization: "Klingon Imperial Intelligence Service" Subject: Re: Real-time alarms To: security@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- nuqneH, Hmmm, i think it is a good idea to have 2 kernel interfaces: 1) audit - one way communication system that lets kernel and possibly some user processes to inform an audit daemon or whatever that something important happened 2) acl device that will provide 2-way communication to a daemon that will allow or deny things to happen? there were some implementations of (2) thing afair.. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBN+YKnKH/mIJW9LeBAQFnzgP8DoWt1+esoPDq6qjHVOzGgZVjDSMfNUGF oAeM5QeNgrKuaWKhTVuihR5CJ1Vfaru8QBgKZQMNEzYY83kLBYCAxqP3tBEmzdCx hjpy4/Ul3q9zvSsHtlnHjZ8DVVSy/VLZS5zR3Foy8WI4FaetmJ77NesKyOYDVzPp IB1N8WEC7lY= =h8Xh -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message