A proposal for handling SACLs (Security Auditing) in Samba master
jra at samba.org
Sun Apr 15 14:08:44 MDT 2012
On Sat, Apr 14, 2012 at 06:39:28PM -0700, Richard Sharpe wrote:
> Hi folks,
> Here is a suggestion for handling SACLs. The most important aspect of
> any approach to handling Security Auditing is that it should have low
> cost for those who are not interested in any auditing.
> What I suggest is the following:
> 1. We add, possibly just above se_access_check (with a change to
> return the SD used, or something like that) a check to see if a SACL
> is present, and if so, call SMB_VFS_SECURITY_AUDIT passing in the fsp,
> the SACL, access desired, access granted, allowed or denied, etc.
> 2. Add a VFS routine SMB_VFS_SECURITY_AUDIT with the default behavior
> in vfs_defaults.c to simply do nothing.
> 3. Provide a standard security auditing module that logs the
> appropriate events in the current eventlog infrastructure.
> This way, those who do not want auditing pay a very small cost, and
> those who do want it can specify, on a per share basis, auditing if
> they need it. In addition, specialized auditing modules could be
> provided by those who care.
> Of course, they would have to use one of the acl modules, like
> acl_xattr or acl_tdb, as well.
This soundls like a *great* idea to allow file-by-file/directory
auditing with user settable conditions !
+1 from me. Let's target 4.0.x (not sure what .x is yet :-).
More information about the samba-technical