Re: [Dazuko-devel] logging access attempts denied

dazuko-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dazuko-devel] logging access attempts denied

From:	John Ogness
Subject:	Re: [Dazuko-devel] logging access attempts denied
Date:	Sun, 17 Oct 2004 21:23:37 +0200
User-agent:	Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.1) Gecko/20040808

Blair, Don (Space Technology) wrote:

For security purposes, I have a need to log access to files that were denied.  
Is it possible to get that information using dazuko?  Or does the code have to 
be modified to get that information?  Any suggested patches?

Hi,

Applications registered with Dazuko receive the UID of the processtrying to open the file and the name of the file. Using this informationit would be possible for your registered application to determine if theuser would be able to open the file.

There is no direct event from Dazuko generated for failed open's. UnderLinux 2.4 Dazuko could be pretty easily modified to generate"ON_OPEN_FAILED" events. Under Linux 2.6 this would not be possiblebecause Dazuko uses the LSM framework for Linux 2.6. A new DazukoFS isin the works that would make this possible under Linux 2.6, but that isstill about 5 months away (and has other issues).

But as I said at the beginning, this could theoretically be determinedfrom your registered application and not require modifications of Dazuko.


John Ogness

--
Dazuko Maintainer

[Prev in Thread]

Current Thread

[Next in Thread]

[Dazuko-devel] logging access attempts denied, Blair, Don \(Space Technology\), 2004/10/16
- Re: [Dazuko-devel] logging access attempts denied, John Ogness <=

Prev by Date: [Dazuko-devel] logging access attempts denied
Next by Date: Re: [Dazuko-devel] Anyone success in Dazuko 2.0.4-pre2 and Fedora 2?
Previous by thread: [Dazuko-devel] logging access attempts denied
Next by thread: [Dazuko-devel] 2.0.4-pre4 posted
Index(es):
- Date
- Thread