I want to make the function which check the file access
(create(), unlink(), and rename(), etc.)
and take the log.
When succeeding in the file access or becoming permission error,
kernel gathers the log.
Then,the security of Linux will improve.
(For example, by recording the access of files in /etc directory by this function;
The system administrator can understand a bad user to operate.)
I am examining how to make it now.
Basic concepts are as follows.
- I think that the layer of access check is VFS in the kernel.
- Information on the access check is written in the buffer in kernel,
and the record is taken out from kernel buffer by logging daemon.
- I will make the tool which retrieves and displays the gathered log later.
Thanks.
--------------------------------------
Yasunori Goto
Development Department 2
Basis Software Division
Software Group
FUJITSU LIMITED
E-mail: y-goto@jp.fujitsu.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/