PERFORCE change 94164 for review

Robert Watson rwatson at FreeBSD.org
Tue Mar 28 13:32:39 UTC 2006


http://perforce.freebsd.org/chv.cgi?CH=94164

Change 94164 by rwatson at rwatson_zoo on 2006/03/28 13:31:30

	Add auditfilterd and audit filters to the history file.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/HISTORY#11 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/HISTORY#11 (text+ko) ====

@@ -31,6 +31,11 @@
   This code is not built or installed by default.
 - auditd now assigns more appropriate syslog levels to its debugging and
   error information.
+- Support for audit filters introduced: audit filters are dynamically
+  loaded shared objects that run in the context of a new daemon,
+  auditfilterd.  The daemon reads from an audit pipe and feeds both BSM and
+  parsed versions of records to shared objects using a module API.  This
+  will provide a framework for the writing of intrusion detection services.
 
 OpenBSM 1.0 alpha 5
 
@@ -158,4 +163,4 @@
   to support reloading of kernel event table.
 - Allow comments in /etc/security configuration files.
 
-$P4: //depot/projects/trustedbsd/openbsm/HISTORY#10 $
+$P4: //depot/projects/trustedbsd/openbsm/HISTORY#11 $


More information about the trustedbsd-cvs mailing list