Ole Laursen <[EMAIL PROTECTED]> writes: > A hack that might work would be to use inotify to monitor /usr/bin and > other directories with binaries. > > BTW, does your project haave a web page? It sounds interesting, I have > read a couple of papers with similar ideas.
Hi, thanks for your input. I'm afraid I don't have a website for it at the moment, at least not on a page viewable outside my university's network. I'm basically trying to figure out exactly what information it is possible for me to collect at the moment, so that I can start to get some idea of what approaches I can use algorithmically. When I have something a little more concrete to show I'll let you know. re your suggestion: If I use inotify on the /usr/bin directories, is this not similar to the way top monitors the /proc filesystem to provide it's information? Also, how would I be able to determine who (user-wise) executed the binary with that method? One of my big problems is that I only want to record applications that were explicitly invoked by the user, not system processes etc. I don't think it would be much use having an 'intelligent' suggestion recommending the d-bus message daemon for instance. On this note, is there a better way to tell a user invoked process from a system one or daemon than the uid or effective uid? Can i use information about when it was started etc? _______________________________________________ gnome-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/gnome-devel-list
