On Fri, May 24, 2013 at 12:11:44PM -0400, Eric Paris wrote: > The audit_status structure was not designed with extensibility in mind. > Define a new AUDIT_SET_FEATURE message type which takes a new structure > of bits where things can be enabled/disabled/locked one at a time. This > structure should be able to grow in the future while maintaining forward > and backward compatibility (based loosly on the ideas from capabilities > and prctl) > > This does not actually add any features, but is just infrastructure to > allow new on/off types of audit system features.
This is the sort of infrastructure that occured to me for the audit_tty_status structure, when I implemented the password logging switch... > Signed-off-by: Eric Paris <[email protected]> - RGB -- Richard Guy Briggs <[email protected]> Senior Software Engineer Kernel Security AMER ENG Base Operating Systems Remote, Ottawa, Canada Voice: 1.647.777.2635 Internal: (81) 32635 -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
