> > However, I am fairly skeptical that we could add per-key rate limiting > without introducing a non-trivial amount of overhead to record > generation, which would be a show stopper for this feature given its > expected limited appeal. >
I understand the reservation. I will spend some time to analyze it impact Steve, about your comment: > There just really isn't room to add more thinkgs without some userspace API > problem. (This would definitely need a feaure bitmap so user space can make > sense of it.) I was not aware that this could cause problems in the userspace API. Key based filtering for rate limiting could be a useful feature. It is something that would help us a lot. -- Anurag Aggarwal -- Linux-audit mailing list Linux-audit@redhat.com https://listman.redhat.com/mailman/listinfo/linux-audit
