On Friday 06 February 2009 11:15:14 am Mimi Zohar wrote: > The integrity auditing discussions took place a while ago in August 2007 > (http://osdir.com/ml/linux.redhat.security.audit/2007-09/msg00007.html).
Thanks for the refresh. Its been so long, I forgot about this. :) Re-reading the thread, we never had closure on the audit event format. > The integrity patches are in security-testing-2.6/#next and the auditd > patch I just posted to linux-audit. How do you suggest we go forward? We need to go over the event format and make sure its got everything we need in it. We also need to review the code that touches the audit system and make sure its using the audit API the way we intended. I'd like to do this on the linux-audit mail list so there is a record of it in the audit archives. Thanks, -Steve -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
