--- Where? I don't see it in the task struct. In my reading of the CAPP, it says it wants things tracked on a user-id basis for audit purposes. Session auditing is a tangential function that would not appear to satisfy the CAPP.
> This would > allow the same/equivalent audit trail, and could also be used for > accounting logs to generate session level accounting.
--- How is a session defined? Where is it setup and authenticated? CAPP requires a certain minimal authentication strength to be checked to initiate a user session and to begin auditing that user.Besides, couldn't you do the same type of auditing with a LUID? For security purposes, it seems you could track user activity between a login/logout?
I don't want to make this more complex than it needs to be since security is inversely proportional to complexity.
-l
-- Linda A Walsh | Trust Technology, Core Linux, SGI law@sgi.com | Voice: (650) 933-5338- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/