From: Klaus Weidner
Subject: Re: Auditing File Changes
Date: Mon, 10 Jul 2006 14:46:46 -0500
Message-ID: <20060710194646.GA6780@w-m-p.com>
To: Casey Schaufler
Cc: Linux-audit@redhat.com

On Mon, Jul 10, 2006 at 12:32:14PM -0700, Casey Schaufler wrote:
> It might be an interesting project to create
> a file system that does this level of audit.
> Start with efs3's journaling mechanism and
> retain all of the update information. True,
> you'll run out of space in a hurry, but there
> may be environments that would accept that.

How about using FUSE (userspace file system) on top of a version control
system (git, subversion, ...), and using the version control system's
change records to keep track of the full history?

-Klaus
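
The version-control half of the idea above, as an added example that is not part of the original message or of any project mentioned in it: each write becomes a git commit tagged with the acting uid, so the full change history and earlier contents can be recovered later. The FUSE layer itself is omitted; `record_write` is a hypothetical hook that a FUSE write/release handler would call, and the commit identity, paths and file contents are constructed.

```python
import os
import subprocess

# Identity used for commits made by the audit layer (constructed values).
GIT_ID = ["-c", "user.name=fs-audit", "-c", "user.email=fs-audit@localhost"]


def git(repo, *args):
    """Run a git command inside repo and return its stdout as text."""
    result = subprocess.run(["git", "-C", repo, *GIT_ID, *args],
                            check=True, capture_output=True, text=True)
    return result.stdout


def init_store(repo):
    """Create the backing repository that holds the audited tree."""
    os.makedirs(repo, exist_ok=True)
    git(repo, "init", "-q")


def record_write(repo, relpath, data, uid):
    """Hypothetical hook: store new content and commit it with the acting uid.

    Returns the commit id, or None when the content did not change.
    """
    root = os.path.realpath(repo)
    full = os.path.realpath(os.path.join(root, relpath))
    if not full.startswith(root + os.sep):
        raise ValueError("path escapes the audited tree")
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as fh:
        fh.write(data)
    git(repo, "add", "--", relpath)
    if not git(repo, "status", "--porcelain", "--", relpath).strip():
        return None  # identical content: no new change record
    git(repo, "commit", "-q", "-m", f"write {relpath} uid={uid}")
    return git(repo, "rev-parse", "HEAD").strip()


def history(repo, relpath):
    """Return [(commit, message)] for relpath, oldest change first."""
    out = git(repo, "log", "--reverse", "--format=%H%x09%s", "--", relpath)
    return [tuple(line.split("\t", 1)) for line in out.splitlines()]


def content_at(repo, commit, relpath):
    """Recover the file's bytes as they were at a given commit."""
    return subprocess.run(["git", "-C", repo, "show", f"{commit}:{relpath}"],
                          check=True, capture_output=True).stdout
```

Because every version is retained, the store grows with each write, which is the space cost the quoted message already points out.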