On Friday, November 06, 2015 01:09:24 PM Robert Jacobson wrote: > Thanks for taking the time to write such an informative response.
Np. I just wanted everyone to know the reason behind why you can't. Its not for a lack of desire, but more a central conflict in the paradigm behind each group (fork/execve vs dbus+activation) and the struggle to get this in the kernel for 3 solid years. Once its accepted by Linus, I think it'll take about a year to polish the desktop for it and plumb gnome/polkit/udev. > Is there a roadmap for the kernel dbus module? It was recently in rawhide but got pulled back out because they are re- thinking a few things. http://www.phoronix.com/scan.php?page=news_item&px=Fedora-Drops-KDBUS There was even patches on linux-audit over the last couple weeks to review the LSM/selinux hooks. The work is ongoing. It will not be in RHEL7, though. That said, you can audit some things by placing a watch on specific helpers in /usr/libexec. -Steve -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
