|
From: | John Ogness |
Subject: | Re: [Dazuko-devel] logging access attempts denied |
Date: | Sun, 17 Oct 2004 21:23:37 +0200 |
User-agent: | Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.1) Gecko/20040808 |
Blair, Don (Space Technology) wrote:
For security purposes, I have a need to log access to files that were denied. Is it possible to get that information using dazuko? Or does the code have to be modified to get that information? Any suggested patches?
Hi,Applications registered with Dazuko receive the UID of the process trying to open the file and the name of the file. Using this information it would be possible for your registered application to determine if the user would be able to open the file.
There is no direct event from Dazuko generated for failed open's. Under Linux 2.4 Dazuko could be pretty easily modified to generate "ON_OPEN_FAILED" events. Under Linux 2.6 this would not be possible because Dazuko uses the LSM framework for Linux 2.6. A new DazukoFS is in the works that would make this possible under Linux 2.6, but that is still about 5 months away (and has other issues).
But as I said at the beginning, this could theoretically be determined from your registered application and not require modifications of Dazuko.
John Ogness -- Dazuko Maintainer
[Prev in Thread] | Current Thread | [Next in Thread] |