On Thursday 28 September 2006 14:10, Michael C Thompson wrote:
> Before the user has authenticated, the only point of failure which is
> policy related is obtaining the default type for a role if the type is
> left unspecified. I do not see this as an error worthy of auditing,
> since I frequently mistype my intended role.

I think we want to capture these since it would be a way for people to probe the policy without being caught.

> After this check, almost all subsequent points of failure are due to
> errors I would consider to be unexpected (e.g. ENOMEM), although some
> are due to relabeling the tty, which can fail in enforcing mode. We
> already have AVC messages which handle this, but should this failure be
> audited?

I think all failures due to user actions should be reported in an audit message. Failures due to system resource exhaustion shouldn't be. The AVC does not substitute for a newrole originating message since you have to infer what the outcome was.

-Steve

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
