Linux Security Summit 2015/Abstracts/Moore

From Linux Kernel Security Subsystem
Revision as of 15:40, 1 July 2015 by JamesMorris (talk | contribs) (→‎Title)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


Discussion: Rethinking Audit


Paul Moore, Red Hat


The kernel's audit subsystem is an interesting thing: it is a must have for many security conscious users, but it is largely unloved by kernel developers, even the security focused developers. Due to this lack of interest by kernel developers the kernel's audit code and interfaces have become a bit of a mess. This discussion topic will identify some of these problem areas for audit and present some possible solutions.