Keith M Wesolowski writes: > On Mon, Mar 19, 2007 at 01:41:41PM -0800, Gary Winiger wrote: > > > 2.1. The read_authorization property > > > > > Another thing I didn't note is that this a new audit event > > and record is likely to be required as this is making an > > access control decision. See > > http://opensolaris.org/os/community/arc/policies/audit-policy/ > > Yes. However, since none of the existing such decisions in configd > are generating audit events, I'd prefer that audit records be > introduced for reads at the same time they're introduced for > modifications. > > I've heard that the SMF team has some plans for this, but I don't know > the state of those plans.
The code is complete, but is in a holding pattern while one of the reviewers finishes another task. I'm not convinced it will reach putback in the next two weeks. > If this is likely to be addressed in the > next week or two, I'd appreciate a pointer to the changes so that I > can incorporate them for my work as well. Can anyone familiar with > that work comment? I've asked Tom Whitten (who wrote the configd audit code) to write up the current plan for his audit events and post them here so that we can reconcile his modification events with the plans for reading events. liane -- Liane Praza, Solaris Kernel Development liane.praza at sun.com - http://blogs.sun.com/lianep
