Date: Thu, 1 Nov 2001 01:32:08 +0000 (GMT) From: rik@rikrose.net To: edwin chen <slack@suntop-cn.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: audit question Message-ID: <Pine.LNX.4.21.0111010111340.32541-100000@pkl.net> In-Reply-To: <009401c16216$08386240$9201a8c0@home.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 31 Oct 2001, edwin chen wrote: > hi, everybody Hi Doctor Nick.. uh, I mean edward. > if I want log a message "who visit which file or > directory, when is it happend=A3=BF", what command I need ? If *I* wanted to do this, I'd hack the fie-related syscalls (well, probably not all of them. I'm not very good at this), to append stuff to /root/file-log and probably panic the system every half an hour and got overlapping logs due to not getting atomic write's correct, and the system would slow to a crawl, but then I'm No Expert. so yeah. good luck with it. Oh, and process accounting may already do some of this stuff... --=20 PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org Key fingerprint =3D 5EB1 4C63 9FAD D87B 854C 3DED 1408 ED77 D272 9A3F Public key also encoded with outguess on http://rikrose.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0111010111340.32541-100000>