Learning mode issues

Submit your RBAC policies or suggest policy improvements

Learning mode issues

Postby Loggy » Wed Jun 16, 2004 12:21 pm

1 Other than copying the learning log to another machine, would it not be better for gradm to be able to run in learning mode while grsec is enabled and the system remains protected?

2 What does grlearn do?

3 Is is worth including a flag to modify the buffer size when learning for those with a lot of memory to spare - or even restrict it if you don't want to hog all the memory?

4 When using the learning flag in the ACLs for role or subject, rather than fail if there are any more instructions, could learning not either ignore the instructions or include them in the output? Maybe this could be extended to re-output ACLs for roles and subjects that are not being learned.
This would make maintenance easier and could enable for example the flags to be reset on a particular subject or object.
Posts: 14
Joined: Tue Nov 18, 2003 5:28 am

Return to RBAC policy development