Melissa Kilby

@darryk10 placed the rule before `Read ssh information` and used `etc_dir` macro instead, please re-review, thanks :)

> (5) Failed file access attempts seem not to be logged -> likely need `libs` src adjustments for that. Mystery solved, not a `libs` issue. Just required some experimentation and...

OMG this is amazing 💯 . Thanks for all the hard work! This is a significant and much needed cleanup and also extends configurability. Few suggestions re `single_buffer_dimension`: (1) How...

@Andreagit97 @leogr @jasondellaluce @FedeDP Go with the multiples of page sizes as parameter? Hard-code an array of let's say 10-12 values, communicate the default value as anchor point? That way...

> As said in the previous point we need at least these 2 checks: > > * upper and lower bound > * check the power of 2 > >...

@FedeDP and @Molter73 see updates in https://github.com/falcosecurity/libs/pull/524 compiling about 64 drivers was possible in about 1 min (using pre-downloaded and pre-extracted kernel headers). Would say the design @LucaGuerra proposed seems...

@loresuso as `modern_bpf` is on the near-term roadmap for initial experimental release, would it be possible to already add this new signal to `modern_bpf` as well? Would be much appreciated....

@FedeDP: Added cmake targets as I finally got to refactoring and polishing it a bit. Thanks again for the suggestion, it helped making the driver-sanity tests cleaner and easier to...

Bump: Has anyone started experimentation towards supporting a new LSM hook interface? Would it be the right timing to start prioritizing an initial solution? For instance, starting with `security_bprm_check` and...

Huh, Christmas is starting early this year ❤️ , you rock @dwindsor, way to go! --- > 1. extending the framework test of the modern probe to the old drivers...