From owner-trustedbsd-audit@FreeBSD.ORG Sat Nov 11 16:08:36 2006 Return-Path: X-Original-To: trustedbsd-audit@freebsd.org Delivered-To: trustedbsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4550716A412 for ; Sat, 11 Nov 2006 16:08:36 +0000 (UTC) (envelope-from dgiagio@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B81043D46 for ; Sat, 11 Nov 2006 16:08:35 +0000 (GMT) (envelope-from dgiagio@gmail.com) Received: by ug-out-1314.google.com with SMTP id o2so678630uge for ; Sat, 11 Nov 2006 08:08:34 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=CQO890JnpIpRnqJyhyQXbxEj5TPlj7YXaNPYpDS2q0JuQ+fy3JnlTvtykyL9oS6hl9BS7C4JGSghgyyqR4ZpO112lwuJ7Me0SFr1bO0vzHwOl9qfwilbEL5pE+F6GKhvqbHd/FHsUMZ8p/lBwNCSuk2q3R4DdeD8PpfGryfmP6E= Received: by 10.67.103.7 with SMTP id f7mr5220599ugm.1163261314579; Sat, 11 Nov 2006 08:08:34 -0800 (PST) Received: by 10.67.30.9 with HTTP; Sat, 11 Nov 2006 08:08:34 -0800 (PST) Message-ID: <1b0798830611110808g747e91b1xf1912b9b1193cd2b@mail.gmail.com> Date: Sat, 11 Nov 2006 14:08:34 -0200 From: "Diego Giagio" To: "Robert Watson" In-Reply-To: <20061111092821.I63959@fledge.watson.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <1b0798830611031732k682b85bey4ea6f769e9692a01@mail.gmail.com> <20061111092821.I63959@fledge.watson.org> Cc: trustedbsd-audit@freebsd.org Subject: Re: I would like to help X-BeenThere: trustedbsd-audit@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD Audit Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2006 16:08:36 -0000 On 11/11/06, Robert Watson wrote: > Diego, > > Thanks for your e-mail! Your help would be most welcome. There is quite a > bit of work to be done; right now we're not maintaining a unified TODO list > for the FreeBSD audit implementation, rather, there are a few lists scattered > in various places. You can find a short TODO list in the OpenBSM distribution > (some of the items in the most recent release have now been done, FYI, so > check first). The distributed audit daemon is one of the more interesting > outstanding areas to work in, but there are others that probably ought to go > into a TODO list somewhere. In my recent presentation at the FreeBSD > developer summit, I identified the following areas in which interesting new > work can and should be done: > > -Finish syscall assignments, especially for ABIs > > - Flesh out argument auditing > - Audit + NSS > - Userland sweep > - Ports + packages > - Language bindings > - Enhance audit pipe preselection > - Multiple audit pipelines > > > - IDS/monitoring tools > - Distributed audit > - New parsing API > Let the work begin! I'll be sending specific e-mails to the list to collect information and begin contributing. Thanks. DG