On Thu, 5 Apr 2001, Ion Badulescu wrote:
> On Thu, 5 Apr 2001, Andreas Dilger wrote:
> > Why do it from user space? Simply add a printk() to sys_init_module() or
> > similar.
> Agreed, but at that point the solution has absolutely nothing to do with
> insmod anymore. :-)
> Besides, as you said, I don't really see the point. It certainly doesn't
> help with logging the actions of an attacker, and on the other hand kmod
> already logs its own actions.
Not the problem being discussed , This is a user now root &
having gained root is now attempting to from the command line
to load a module . How do we get this event recorded ? kmod
only works when the user calles for the service & then it loads
it . Tia , JimL
+----------------------------------------------------------------+
| James W. Laferriere | System Techniques | Give me VMS |
| Network Engineer | 25416 22nd So | Give me Linux |
| babydr@baby-dragons.com | DesMoines WA 98198 | only on AXP |
+----------------------------------------------------------------+
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/