| audit.4 (243752) | audit.4 (267938) |
|---|---|
| 1.\" Copyright (c) 2006 Robert N. M. Watson 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" | 1.\" Copyright (c) 2006 Robert N. M. Watson 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 8 unchanged lines hidden (view full) --- 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" |
| 25.\" $FreeBSD: head/share/man/man4/audit.4 243752 2012-12-01 15:11:46Z rwatson $ | 25.\" $FreeBSD: head/share/man/man4/audit.4 267938 2014-06-26 21:46:14Z bapt $ |
| 26.\" 27.Dd May 31, 2009 28.Dt AUDIT 4 29.Os 30.Sh NAME 31.Nm audit 32.Nd Security Event Audit 33.Sh SYNOPSIS --- 84 unchanged lines hidden (view full) --- 118.An Wayne Salamon , 119.An Robert Watson , 120and SPARTA Inc. 121.Pp 122The Basic Security Module (BSM) interface to audit records and audit event 123stream format were defined by Sun Microsystems. 124.Pp 125This manual page was written by | 26.\" 27.Dd May 31, 2009 28.Dt AUDIT 4 29.Os 30.Sh NAME 31.Nm audit 32.Nd Security Event Audit 33.Sh SYNOPSIS --- 84 unchanged lines hidden (view full) --- 118.An Wayne Salamon , 119.An Robert Watson , 120and SPARTA Inc. 121.Pp 122The Basic Security Module (BSM) interface to audit records and audit event 123stream format were defined by Sun Microsystems. 124.Pp 125This manual page was written by |
| 126.An Robert Watson Aq rwatson@FreeBSD.org . | 126.An Robert Watson Aq Mt rwatson@FreeBSD.org . |
| 127.Sh BUGS 128The 129.Fx 130kernel does not fully validate that audit records submitted by user 131applications are syntactically valid BSM; as submission of records is limited 132to privileged processes, this is not a critical bug. 133.Pp 134Instrumentation of auditable events in the kernel is not complete, as some 135system calls do not generate audit records, or generate audit records with 136incomplete argument information. 137.Pp 138Mandatory Access Control (MAC) labels, as provided by the 139.Xr mac 4 140facility, are not audited as part of records involving MAC decisions. | 127.Sh BUGS 128The 129.Fx 130kernel does not fully validate that audit records submitted by user 131applications are syntactically valid BSM; as submission of records is limited 132to privileged processes, this is not a critical bug. 133.Pp 134Instrumentation of auditable events in the kernel is not complete, as some 135system calls do not generate audit records, or generate audit records with 136incomplete argument information. 137.Pp 138Mandatory Access Control (MAC) labels, as provided by the 139.Xr mac 4 140facility, are not audited as part of records involving MAC decisions. |