From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tracy Reed Subject: Re: PCI-DSS: Log every root actions/keystrokes but avoid passwords Date: Tue, 12 Mar 2013 14:09:37 -0700 Message-ID: <20130312210936.GT4555@tracyreed.org> References: <20130311194855.GQ4555@tracyreed.org> <772443219.6157356.1363086419594.JavaMail.root@redhat.com> <20130312204742.GD23106@madcap2.tricolour.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <20130312204742.GD23106@madcap2.tricolour.ca> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: Richard Guy Briggs Cc: linux-audit@redhat.com, Miloslav Trmac List-Id: linux-audit@redhat.com On Tue, Mar 12, 2013 at 01:47:42PM PDT, Richard Guy Briggs spake thusly: > I'm actually working on that right now. I have a patch I am in the > process of testing. It implements a new sysctl. I'm working in > the upstream kernel, so it will likely be available in Linus' git tree > before anywhere else. After that, likely fedora, then RHEL, but I'm a > bit new to that process. Wow, thanks! Always glad to see good security features/auditing being added to the kernel. Although I'm surprised a new sysctl was necessary and it couldn't all be done in auditd in userspace. I look forward to reading over the code to learn what into this. Please do post the patch here when you have it worked out as I am very likely to miss it in the flood of kernel patches when it goes to/from Linus. Thanks again! -- Tracy Reed