From owner-freebsd-security Mon Sep 20 8: 0:11 1999 Delivered-To: freebsd-security@freebsd.org Received: from loki.ideaglobal.com (loki.ideaglobal.com [194.36.20.54]) by hub.freebsd.org (Postfix) with ESMTP id C7E3714DD2 for ; Mon, 20 Sep 1999 08:00:07 -0700 (PDT) (envelope-from kiril@loki.ideaglobal.com) Received: (from kiril@localhost) by loki.ideaglobal.com (8.9.3/8.9.2) id PAA30804; Mon, 20 Sep 1999 15:07:41 GMT (envelope-from kiril) From: Kiril Mitev Message-Id: <199909201507.PAA30804@loki.ideaglobal.com> Subject: Re: Real-time alarms In-Reply-To: <199909201416.HAA58893@gndrsh.dnsmgr.net> from "Rodney W. Grimes" at "Sep 20, 1999 7:16:26 am" To: freebsd@gndrsh.dnsmgr.net (Rodney W. Grimes) Date: Mon, 20 Sep 1999 15:07:41 +0000 (GMT) Cc: ark@eltex.ru, security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ouch. do you REALLY suggest things along the lines set proc/priv=(... , .... , .... ) ?? > > > > Hmmm, i think it is a good idea to have 2 kernel interfaces: > > > > 1) audit - one way communication system that lets kernel and possibly > > some user processes to inform an audit daemon or whatever that something > > important happened > > By definision a secure audit trail can only be generated by a secure > code base, that pretty much precludes any user processes from being > a source of data at this time. > > > 2) acl device that will provide 2-way communication to a daemon that will > > allow or deny things to happen? > > This is no longer auditing, that would be under another thread, one about > security control, and goes hand in hand with the proposal I tossed out > about VMS like per process priviledges. > > > -- > Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > -- Kiril Mitev, IT Operations Mgr, London IDEAglobal.com Standard Corporate Disclaimer applies, see http://www.ideaglobal.com/email-disclaimer.html for details. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message