Date: Mon, 18 Sep 2006 10:43:36 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 106287 for review Message-ID: <200609181043.k8IAhaUe077090@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=106287 Change 106287 by rwatson@rwatson_zoo on 2006/09/18 10:42:48 Update HISTORY for things done recently towards OpenBSM 1.0 alpha 11. Affected files ... .. //depot/projects/trustedbsd/openbsm/HISTORY#28 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/HISTORY#28 (text+ko) ==== @@ -1,5 +1,23 @@ OpenBSM 1.0 alpha 11 +- Reclassify certain read/write operations as having no class rather than the + fr/fw class; our default classes audit intent (open) not operations (read, + write). + +- Introduce AUE_SYSCTL_WRITE event so that BSD/Darwin systems can audit reads + and writes of sysctls as separate events. Add additional kernel + environment and jail events for FreeBSD. + +- Break AUDIT_TRIGGER_OPEN_NEW into two events, AUDIT_TRIGGER_ROTATE_USER + (issued by the user audit(8) tool) and AUDIT_TRIGGER_ROTATE_KERNEL (issued + by the kernel audit implementation) so that they can be distinguished. + +- Disable rate limiting of rotate requests; as the kernel doesn't retransmit + a dropped request, the log file will otherwise grow indefinitely if the + trigger is dropped. + +- Improve auditd debugging output. + OpenBSM 1.0 alpha 10 - auditd now generates complete audit records for its events, as required for @@ -211,4 +229,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/HISTORY#27 $ +$P4: //depot/projects/trustedbsd/openbsm/HISTORY#28 $
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200609181043.k8IAhaUe077090>