On Fri, Mar 13, 2020 at 12:45 PM Steve Grubb [off-list ref] wrote:
On Friday, March 13, 2020 12:42:15 PM EDT Paul Moore wrote:
quoted
quoted
I think more and more, that more complete isolation is being done,
taking advantage of each type of namespace as they become available, but
I know a nuber of them didn't find it important yet to use IPC, PID or
user namespaces which would be the only namespaces I can think of that
would provide that isolation.
It isn't entirely clear to me which side you fall on this issue, Paul.
That's mostly because I was hoping for some clarification in the
discussion, especially the relevant certification requirements, but it
looks like there is still plenty of room for interpretation there (as
usual). I'd much rather us arrive at decisions based on requirements
and not gut feelings, which is where I think we are at right now.
Certification rquirements are that we need the identity of anyone attempting
to modify the audit configuration including shutting it down.
Yep, got it. Unfortunately that doesn't really help with what we are
talking about. Although preventing the reuse of the ACID before the
SIGNAL2 record does help preserve the sanity of the audit stream which
I believe to be very important, regardless.
--
paul moore
www.paul-moore.com