From: Paul Moore <paul@paul-moore.com>
To: "Paccagnella, Riccardo" <rp8@illinois.edu>
Cc: "rgb@redhat.com" <rgb@redhat.com>,
"Dave \(Jing\) Tian" <daveti@purdue.edu>,
"Liao, Kevin" <kliao6@illinois.edu>,
"linux-audit@redhat.com" <linux-audit@redhat.com>,
"Bates, Adam" <batesa@illinois.edu>
Subject: Re: [RFC] Tamper Evident Logging on Linux Audit
Date: Sat, 29 Aug 2020 11:42:29 -0400 [thread overview]
Message-ID: <CAHC9VhQzeC7VuZ_sscosyHh4mHvo1fBA6OCMBDjsz2S9z-_SUw@mail.gmail.com> (raw)
In-Reply-To: <B257B8BE-4B7F-42BE-BD84-155406FF3FC3@illinois.edu>
On Thu, Aug 27, 2020 at 12:25 PM Paccagnella, Riccardo <rp8@illinois.edu> wrote:
>
> Dear Linux Audit Team,
> My team and I would like to share with you some recent research results that we hope will be interesting to you. In a nutshell, we designed a kernel-based tamper-evident logging system and implemented a proof of concept of it on top of Linux Audit. Would you be interested in the possibility of incorporating our system in the upstream version of Linux Audit? We envision a small extension to Linux Audit that would allow users to enable integrity protection for the logs if desired. For reference, this is our paper and this is our proof-of-concept implementation.
>
> Thanks very much in advance and best regards,
> Riccardo
Hi Riccardo,
Often it helps to discuss new features in the context of a patch
submission; it helps remove ambiguity and is an easy way to offer
feedback. It would appear that you already have patches so I would
suggest you prepare those for posting on-list, complete with an
in-depth commit description, so we can discuss further.
If you are unfamiliar with submitting Linux kernel patches, the link
below may be helpful:
* https://www.kernel.org/doc/html/latest/process/submitting-patches.html
--
paul moore
www.paul-moore.com
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
prev parent reply other threads:[~2020-08-29 15:43 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-27 16:25 [RFC] Tamper Evident Logging on Linux Audit Paccagnella, Riccardo
2020-08-29 15:42 ` Paul Moore [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHC9VhQzeC7VuZ_sscosyHh4mHvo1fBA6OCMBDjsz2S9z-_SUw@mail.gmail.com \
--to=paul@paul-moore.com \
--cc=batesa@illinois.edu \
--cc=daveti@purdue.edu \
--cc=kliao6@illinois.edu \
--cc=linux-audit@redhat.com \
--cc=rgb@redhat.com \
--cc=rp8@illinois.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.