From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7 Description of problem: Ability to track child processes. There is a need to be able to audit the actions of a child process. For example, maybe we add a rule to audit a specific pid like apache's. We may need to collect all syscall data for any child it spawns. This can be done by matching on session id, process group, and/or another mechanism. I leave this as an "and" since all 3 things may need to be implemented. Process group and session ID are not fool proof, but work for any non-malicious program. If we want to consider tracking possibly untrusted apps - we need to implement another mechanism. Version-Release number of selected component (if applicable): kernel-2.6.9-25 How reproducible: Didn't try Steps to Reproduce: 1. New Feature Request Additional info:
Thank you for submitting this issue for consideration in Red Hat Enterprise Linux. The release for which you requested us to review is now End of Life. Please See https://access.redhat.com/support/policy/updates/errata/ If you would like Red Hat to re-consider your feature request for an active release, please re-open the request via appropriate support channels and provide additional supporting details about the importance of this issue.