[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Linux Trace Toolkit for kernel auditing

To: kernel-audit@nl.linux.org
Subject: Re: Linux Trace Toolkit for kernel auditing
From: Bryan Paxton <evil7@bellsouth.net>
Date: Sat, 10 Jun 2000 23:08:03 -0500 (CDT)
Sender: owner-kernel-audit@nl.linux.org

On Sat, 10 Jun 2000, you wrote:
> OK, before anyone replies to this and says that I'm way off
> and yadi ... yadi ... yada ... about the fact that kernel audit
> isn't about inserting new stuff in the kernel ... read until
> the end of the message.

I don't think this is far off the subjects of this list at all.
In fact I think it's perfect.
In two ways:

1. inexperienced users to kernel hacking/auditing could use it for obvious
reasons(auditing, double checking, whatever). 

2. Experienced users could use it simply to double check their work.

As long as you and I understand that LTT will never make it into the
kernel, and that you're not trying to get it plugged in either, but simply 
advocate it so developers who are auditing can plug it into the src code
they're hacking up could use it. Then no way man. You are totally on the
right track IMHO.

Keep up the awesome work.... And this truely is an excellent idea.

-- 
Bryan Paxton

"How should I know if it works? That's what beta testers are for. I
          only coded it."
 -- Linus Torvalds.

Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/

Prev by Date: Linux Trace Toolkit for kernel auditing
Next by Date: Re: Starting point
Prev by thread: Linux Trace Toolkit for kernel auditing
Next by thread: Re: Linux Trace Toolkit for kernel auditing
Index(es):
- Date
- Thread