From: Paul Moore <paul.moore@hp.com>
To: Joy Latten <latten@us.ibm.com>
Cc: netdev@vger.kernel.org, linux-audit@redhat.com
Subject: Re: Missing audit information in xfrm_audit_common_policyinfo()?
Date: Mon, 26 Nov 2007 11:52:03 -0500
Message-ID: <200711261152.03686.paul.moore@hp.com>
In-Reply-To: <OFDEF5C6F1.0AEFC4FF-ON8725739F.005BF832-8625739F.005C2038@us.ibm.com>

On Monday 26 November 2007 11:47:09 am Joy Latten wrote:
> Paul Moore <paul.moore@hp.com> wrote on 11/21/2007 03:34:31 PM:
> > I just noticed that the IPsec auditing code does not appear to audit the
> > netmask for the selector source and destination addresses in
> > xfrm_audit_common_policyinfo(). Before I threw a patch together I thought I
> > would check to see if there was a reason for this that I am missing ...
>
> I don't think we ever discussed including netmask when we added the
> ipsec audit info...

Hmmm ... okay. I'm almost certain it should be included when auditing changes
to the SPD as the netmask/prefixlen is very important when considering which
traffic will be matched by a particular SPD entry.

I'm working on a patch now.

--
paul moore
linux security @ hp
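
The point made in the message above, as an added example that is not part of the original thread and is not kernel code: two selectors with the same address but different prefix lengths match different traffic, yet their audit records are identical when the prefix length is left out. The `struct sel` type, the function names and the record field names are hypothetical; the sample policies are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified IPv4 selector (not the kernel's struct). */
struct sel {
    uint32_t saddr;      /* source address, host byte order */
    unsigned prefixlen;  /* number of leading bits that must match */
};

/* Return 1 if addr falls inside the selector's prefix, else 0. */
int sel_match(const struct sel *s, uint32_t addr)
{
    uint32_t mask;
    if (s->prefixlen > 32)
        return 0;                      /* invalid prefix never matches */
    /* prefixlen 0 matches everything; avoid the undefined 32-bit shift */
    mask = s->prefixlen ? ~(uint32_t)0 << (32 - s->prefixlen) : 0;
    return ((addr ^ s->saddr) & mask) == 0;
}

/* Format an audit-style record; field names are illustrative only. */
void sel_audit(const struct sel *s, int with_prefix, char *buf, size_t len)
{
    int n = snprintf(buf, len, "src=%u.%u.%u.%u",
                     (unsigned)(s->saddr >> 24), (unsigned)(s->saddr >> 16 & 0xff),
                     (unsigned)(s->saddr >> 8 & 0xff), (unsigned)(s->saddr & 0xff));
    if (with_prefix && n > 0 && (size_t)n < len)
        snprintf(buf + n, len - n, " src_prefixlen=%u", s->prefixlen);
}

/* Return 1 if the two selectors produce byte-identical records. */
int same_record(const struct sel *a, const struct sel *b, int with_prefix)
{
    char ra[64], rb[64];
    sel_audit(a, with_prefix, ra, sizeof(ra));
    sel_audit(b, with_prefix, rb, sizeof(rb));
    return strcmp(ra, rb) == 0;
}

int main(void)
{
    /* Constructed sample policies: 10.0.0.0/8 and 10.0.0.0/24 */
    struct sel wide = { 0x0A000000u, 8 }, narrow = { 0x0A000000u, 24 };
    uint32_t pkt = 0x0A010203u;  /* 10.1.2.3 */
    printf("wide=%d narrow=%d\n", sel_match(&wide, pkt), sel_match(&narrow, pkt));
    printf("same record without prefixlen=%d, with=%d\n",
           same_record(&wide, &narrow, 0), same_record(&wide, &narrow, 1));
    return 0;
}
```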