[OpenAFS] Monitoring bad ACLs of webpages: best practices? faster search?
Sat, 8 May 2010 00:37:22 -0400
> -----Original Message-----
> From: firstname.lastname@example.org [mailto:openafs-info-
> email@example.com] On Behalf Of Jeffrey Altman
> Sent: Friday, May 07, 2010 3:21 PM
> To: firstname.lastname@example.org
> Subject: Re: [OpenAFS] Monitoring bad ACLs of webpages: best =
> faster search?
> There are audit logs that you can turn on which will log every
> ACL change. Audit log output can be written to a pipe so that
> a process can scan then in real time. You can then have that
> process send e-mail, log warnings, or even alter the ACL if
> There will be a talk at the upcoming workshop describing how
> a combination of dump scanning and audit stream parsing was
> used to enforce export compliance regulations.
> Jeffrey Altman
Could you explain a bit more about the audit logs showing the ACL change =
data (and perhaps some example usage)? Our institution has had some of =
the same concerns brought up in this thread, and hope to implement one =
or a series of solutions to prevent damage from poorly thought out ACLs =
that users may create. While this would be an after-the-fact log scan, =
it would still prove to be extremely useful.
Stephen (Trey) Repetski
email@example.com | firstname.lastname@example.org
srepetsk.net | RIT '13, TJHSST '09