Red Hat Bugzilla – Bug 209520
[labeled networking] kernel change needed to audit xfrm/ipsec security policy changes
Last modified: 2007-11-30 17:07:34 EST
xfrm/ipsec security policy changes can currently only be audited through
auditallow rules. These have been deemed inadequate and seperate kernel
auditing is required.
Request blocker, required by LSPP.
Has the code been submitted to rhkernel-list?
no it has not. The first upstream patch which appears to address all of the
upstream concerns to this point just was sent yesterday (Nov 20) evening. I
will be building an LSPP kernel with this patch and sending it to the community.
I would not expect a rhkernel-list submission for at least another couple
weeks. Until we get good feedback.
QE ack for RHEL5.
posted to kernel list Dec 18
Patches confirmed in 2.6.18-4.el5.