[rsbac] logging command arguments

Amon Ott ao at rsbac.org
Tue Jan 9 09:46:00 CET 2007

On Donnerstag 04 Januar 2007 19:40, Hrvoje Marjanovic wrote:
> I am wondering if it is possible to log complete commands (together 
> arguments) with RSBAC.
> When I log EXECUTE events on FILE target. I get the events logged, 
> arguments are not logged, only command path, user, pid etc.
> Grsecurity has such a feature, but I don't think it is possible to 
> kernel with both grsecurity and rsbac.

We discussed this idea some time ago, but decided not to log the 
arguments. They blow up the logs significantly, produce extra 
overhead and are seldom needed. If you convince us that it is a 
necessary feature, we can add it as an option.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list