In message <1554...@axl.noc.iafrica.com>, Sheldon Hearn writes:
On Tue, 18 Jan 2000 08:05:15 PST, Cy Schubert - ITSD Open Systems Group wrote
If I may offer a half-baked idea: Why not a kernel module that
implements the access list at execve(2) for any shell or binary.
Did you take a look at the spy(4) module, URLs for which I posted
earlier in this thread? Somewhere between abial's and rwatson's work
lies a solution. :-)
I noticed your comment in a posting following (in sequence #) the note
I replied to.
Having had a cursory look at it, it looks interesting. It reminds me
of Tru64-UNIX's audit log or MVS's SMF. I'm not running -current,
though I'm preparing my X server machine (486DX/33 -- picked up a
couple of small SCSI drives for free) as a testbed to test -current on
older hardware. I can check it out then.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
Sun/DEC Team, UNIX Group Internet: Cy.S...@uumail.gov.bc.ca
Province of BC
To Unsubscribe: send mail to majo...@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message