Linux Security Summit 2015/Abstracts/Moore
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Title
Discussion: Rethinking Audit
Presenter
Paul Moore, Red Hat
Abstract
The kernel's audit subsystem is an interesting thing: it is a must have for many security conscious users, but it is largely unloved by kernel developers, even the security focused developers. Due to this lack of interest by kernel developers the kernel's audit code and interfaces have become a bit of a mess. This discussion topic will identify some of these problem areas for audit and present some possible solutions.