I have downloaded trustedbsd_audit3 through perforce, and wanna to add some further enhancement to it. I'm reading the soure code, but now have some questions:
(1)There are over 1000 system-calls in current system(including the bianry-compatible system-calls, such as functions listed in linux_sysent). But arguments-collection points are only added in about 28 funcitons. Is it sufficient? And is there any documents about why these collection points are added?
(2)What's the status of the audit-subsystem? If it has been done for 90%, or 30%? When it will be added to the release?
Thanks to all in advance.
To Unsubscribe: send mail to majo...@trustedbsd.org
with "unsubscribe trustedbsd-audit" in the body of the message