There will be different kinds of logs.
- Logs when a LIDS flag is switched.
- Logs when a program wants to do something that requires a capability it doesn't have.
- Logs when a program wants to access a file in a way that it is not authorized to.
- Logs when a port scan is detected.
Each kind of log will have the following attributes:
- Its own kernel logging priority, from KERN_EMERG to KERN_DEBUG, or none (-1).
- A pointer to a function that will send the alert by mail, or NULL
- A pointer to a function that will send the alert in a UDP packet (for remote syslogs), or NULL
- A pointer to a function that will hang the terminal up, or NULL
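The per-kind attributes above map naturally onto a table of structs with one dispatcher. The following is an added userspace sketch, not LIDS code: every identifier, the integer priorities standing in for KERN_EMERG..KERN_DEBUG, the stub senders and the policy in the table are assumptions made for illustration.

```c
#include <stdio.h>

/* Userspace sketch: integers 0..7 stand in for KERN_EMERG..KERN_DEBUG. */
enum { PRIO_NONE = -1, PRIO_EMERG = 0, PRIO_ALERT = 1, PRIO_WARNING = 4, PRIO_DEBUG = 7 };
/* Bits reported by lids_dispatch() for each action actually taken. */
enum { ACT_KLOG = 1, ACT_MAIL = 2, ACT_UDP = 4, ACT_HANGUP = 8 };
/* The four kinds of logs listed above (identifier names are hypothetical). */
enum { LOG_FLAG_SWITCH, LOG_CAP_DENIED, LOG_FILE_DENIED, LOG_PORT_SCAN, LOG_KIND_MAX };

typedef int (*alert_fn)(const char *msg);   /* returns 0 on success */
struct log_kind {
    const char *name;
    int priority;          /* PRIO_NONE: no kernel log line */
    alert_fn send_mail;    /* NULL: never mailed */
    alert_fn send_udp;     /* NULL: never sent to a remote syslog */
    alert_fn hangup_tty;   /* NULL: terminal left alone */
};

/* Stand-ins for the real senders; they only report success. */
static int stub_mail(const char *m)   { (void)m; return 0; }
static int stub_udp(const char *m)    { (void)m; return 0; }
static int stub_hangup(const char *m) { (void)m; return 0; }

/* Constructed policy, chosen only to exercise every combination. */
static const struct log_kind kinds[LOG_KIND_MAX] = {
    [LOG_FLAG_SWITCH] = { "flag switched",      PRIO_ALERT,   stub_mail, stub_udp, NULL },
    [LOG_CAP_DENIED]  = { "capability denied",  PRIO_WARNING, NULL,      stub_udp, stub_hangup },
    [LOG_FILE_DENIED] = { "file access denied", PRIO_WARNING, NULL,      NULL,     stub_hangup },
    [LOG_PORT_SCAN]   = { "port scan",          PRIO_NONE,    stub_mail, NULL,     NULL },
};

/* Run every configured action for one event; return the ACT_* bits done, or -1. */
int lids_dispatch(int kind, const char *msg)
{
    if (kind < 0 || kind >= LOG_KIND_MAX || msg == NULL)
        return -1;
    const struct log_kind *k = &kinds[kind];
    int done = 0;
    if (k->priority != PRIO_NONE) {   /* printk() with the KERN_x level in the kernel */
        fprintf(stderr, "<%d>LIDS: %s: %s\n", k->priority, k->name, msg);
        done |= ACT_KLOG;
    }
    if (k->send_mail && k->send_mail(msg) == 0)   done |= ACT_MAIL;
    if (k->send_udp && k->send_udp(msg) == 0)     done |= ACT_UDP;
    if (k->hangup_tty && k->hangup_tty(msg) == 0) done |= ACT_HANGUP;
    return done;
}

int main(void) { return lids_dispatch(LOG_PORT_SCAN, "constructed event") == ACT_MAIL ? 0 : 1; }
```

Returning the set of actions taken lets a caller notice when a kind has neither a priority nor any handler, which would mean the event is silently dropped.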