File: TODO

package info (click to toggle)
audit 1%3A3.0-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, sid
  • size: 6,320 kB
  • sloc: ansic: 52,040; sh: 4,869; python: 2,468; makefile: 1,419; sed: 32
file content (20 lines) | stat: -rw-r--r-- 874 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Future roadmap (subject to change):
===================================
3.0
* If searching user/group doesn't map to uid/gid, do translated string search
* audisp-remote, add config to say what home network is so laptops don't try if their not on a network that can reach the server.
* Container support

3.1
* Support TLS PSK as remote logging transport
* Basic HIDS based on reactive audit component
* Support multiple time streams when searching
* In audispd, look into non-blocking handling of write to plugins
* Add keywords for time: month-ago, this-hour, last-hour

3.1.1
* Add rule verify to detect mismatch between in-kernel and on-disk rules
* Fix audit.pc.in to use Requires.private
* Change ausearch to output name="" unless its a real null. (mount) ausearch-report.c, 523. FIXME
* Fix SIGHUP for auditd network settings
* Add ability to filter events in auditd