From owner-trustedbsd-audit@FreeBSD.ORG Sat Nov 11 16:57:44 2006 Return-Path: X-Original-To: trustedbsd-audit@FreeBSD.org Delivered-To: trustedbsd-audit@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 07C5016A403; Sat, 11 Nov 2006 16:57:44 +0000 (UTC) (envelope-from trhodes@FreeBSD.org) Received: from pittgoth.com (ns1.pittgoth.com [216.38.206.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DCD843D46; Sat, 11 Nov 2006 16:57:41 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from localhost (ip70-177-190-239.dc.dc.cox.net [70.177.190.239]) (authenticated bits=0) by pittgoth.com (8.13.6/8.13.6) with ESMTP id kABGvdjZ002382 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 11 Nov 2006 11:57:40 -0500 (EST) (envelope-from trhodes@FreeBSD.org) Date: Sat, 11 Nov 2006 11:57:38 -0500 From: Tom Rhodes To: Robert Watson Message-Id: <20061111115738.2aeb1d11.trhodes@FreeBSD.org> In-Reply-To: <20061111161120.T11522@fledge.watson.org> References: <1b0798830611031732k682b85bey4ea6f769e9692a01@mail.gmail.com> <20061111092821.I63959@fledge.watson.org> <1b0798830611110808g747e91b1xf1912b9b1193cd2b@mail.gmail.com> <20061111161120.T11522@fledge.watson.org> Organization: The FreeBSD Project X-Mailer: Sylpheed version 1.0.6 (GTK+ 1.2.10; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: trustedbsd-audit@FreeBSD.org Subject: Re: I would like to help X-BeenThere: trustedbsd-audit@FreeBSD.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: TrustedBSD Audit Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2006 16:57:44 -0000 On Sat, 11 Nov 2006 16:37:46 +0000 (GMT) Robert Watson wrote: > > On Sat, 11 Nov 2006, Diego Giagio wrote: > > > On 11/11/06, Robert Watson wrote: > >> Thanks for your e-mail! Your help would be most welcome. There is quite a > >> bit of work to be done; right now we're not maintaining a unified TODO list > >> for the FreeBSD audit implementation, rather, there are a few lists > >> scattered in various places. You can find a short TODO list in the OpenBSM > >> distribution (some of the items in the most recent release have now been > >> done, FYI, so check first). The distributed audit daemon is one of the > >> more interesting outstanding areas to work in, but there are others that > >> probably ought to go into a TODO list somewhere. In my recent presentation > >> at the FreeBSD developer summit, I identified the following areas in which > >> interesting new work can and should be done: > >> > >> -Finish syscall assignments, especially for ABIs > >> > >> - Flesh out argument auditing > >> - Audit + NSS > >> - Userland sweep > >> - Ports + packages > >> - Language bindings > >> - Enhance audit pipe preselection > >> - Multiple audit pipelines > >> > >> - IDS/monitoring tools - Distributed audit > > - New parsing API > > > > Let the work begin! I'll be sending specific e-mails to the list to collect > > information and begin contributing. Thanks. > > Heh. I actually intended to postpone that e-mail and flesh out each of the > ideas some before sending. Sorry about that! I'll try again here rather than > sending you on an excessive wild goose chase: [SNIP]: wonderfully authored TODO list by Robert. At one point, in www/, I placed a todo list. What ever became of that? I know we never used it and if memory serves me right we were waiting on a repo-copy? Is there anything keeping us from making use of that? Thanks, -- Tom Rhodes