Casper.Dik at Sun.COM wrote: >> The project team and Joerg are in agreement that it is going through >> the SFW consoldation. The plan is to deviate as little as possible >>from the upstream community. >> The outstanding issue is the rmt and auditing. Once we have reviewed >> that issue we will have a proposal for how to comply. If need be, >> we might have to modify the code and try to sell the fix upstream. >> We will work with Joerg on that. As stated before, we don't want to >> deviate much, if at all, from the original source. For updates, we want to >> be pulling from Joerg's source. > > > I'm wondering about the audit requirement; "rmt" is just a program > which writes to a tape (or file) on the local system. > > Why would it need more auditing than "rshd/sshd" provide, including > the fact that /etc/rmt is executed?
sshd and rshd *do* audit, rshd does it indirectly because it uses /bin/login, sshd directly creates audit events. -- Darren J Moffat