Re: [gdm-list] Audit code for GDM


From a quick read through it looks OK to me. I'll see if I can test it at some point.

I've been looking at our new security requirements, there is a need to log whoever issues the shutdown/reboot command for the system. Recently, I've noticed in rawhide that you have to log out in order to issue shutdown. If you log out, we can't tell who's issuing the shutdown since they are now unauthenticated. :)

The way the old GDM handled this is you could disable the
Shutdown/Reboot features in the login GUI, but still keep them available
to users via the panel choices.  Perhaps users with such audit
requirements would want these features to likewise only be available via
the panel and not the login GUI directly.

And, seems like we may need to audit a user's responce to a typical govt login banner (this is a govt computer, use is subject to monitoring, blah blah blah, do you accept these conditions). I'm not quite ready for this one, but thought I'd just mention it.

I notice that the SunAudit code does work to audit whether or not the
user changed their password, and whether the password change failed or
succeeded.  Not sure, but perhaps libaudit should also support this sort
of auditing, since it seems useful.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]