POSIX.1E: Auditing Support for FreeBSD

POSIX.1E defines a set of security extensions for POSIX-compliant systems. This is a first pass at auditing support for FreeBSD, implemented to the POSIX.1E spec. This code is still EXPERIMENTAL and is not complete by any means. For example, while the userland library is essentially complete, and documentation is largely there, few syscalls are audited at this point, and no filtering mechanism is in place to filter audit records.


This code is available under a two-clause BSD-style license. Any suggestions or improvements are welcomed by the author.


SRI is funding the development of a revised higher-performance audit implementation, which hopefully will be available in the next couple of months. Announcements of availability will be posted here and on freebsd-security.

Email Contact

Email Robert Watson for more information or to suggest changes to this page.

Back to the FreeBSD POSIX.1E Page
Back to the FreeBSD Hardening Project

Last modified: Fri Mar 26 16:13:27 EST 1999