Progress in security module stacking
Posted Mar 15, 2015 21:33 UTC (Sun) by skissane (subscriber, #38675)In reply to: Progress in security module stacking by peter-b
Parent article: Progress in security module stacking
For every failed access decision, generate a random token (e.g. a UUID), record that token in the LSM's audit logs and also return it to the calling process, which then logs it using its usual mechanisms (e.g. print to stderr, write to some log file, etc.). Provide a utility which requires elevated privileges to run (e.g. root, membership of some group, etc.) and which, when given such a token, scans the LSM's audit logs and generates the detailed information on why the access attempt was rejected. That way, there is no information leak - you need to be privileged to find out why the access attempt failed - but for those with privilege it should be easier than it is at present.
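The token scheme described in the comment above, as an added example in user-space Python rather than kernel code (it is not skissane's code, nor any LSM's actual implementation). The object labels, allow rules, paths and the `AuditLog` class are constructed stand-ins for the kernel's policy and audit log; the point it shows is the split between what the denied process gets (an opaque token plus facts it already knew) and what the privileged lookup tool can recover from the log.

```python
"""Sketch of the "denial token" design: the access-control hook records the
full denial reason in a privileged audit log and hands the caller only an
opaque token; a privileged tool maps the token back to the reason.
Labels, rules and paths below are constructed for the demo and are not any
real LSM's policy or API."""
import uuid
from dataclasses import dataclass

# Constructed object-label and allow-rule tables (toy policy, assumption).
OBJECT_LABELS = {
    "/var/www/index.html": "httpd_content_t",
    "/etc/shadow": "shadow_t",
}
ALLOW_RULES = {
    ("httpd_t", "httpd_content_t"): {"read"},
    ("passwd_t", "shadow_t"): {"read", "write"},
}


@dataclass(frozen=True)
class DenialRecord:
    token: str       # random UUID handed back to the denied process
    subject: str     # subject (process) label
    path: str
    obj_label: str
    perm: str
    reason: str      # the detail the unprivileged caller must not see


class AuditLog:
    """Stands in for the kernel audit log: readable only with privilege."""

    def __init__(self):
        self._records = []

    def record(self, rec):
        self._records.append(rec)

    def lookup(self, token, privileged):
        # The privilege check is the whole point: without it the token
        # would leak the same policy detail the design tries to hide.
        if not privileged:
            raise PermissionError("audit log lookup requires privilege")
        for rec in self._records:
            if rec.token == token:
                return rec
        return None


def check_access(audit, subject, path, perm):
    """Simulated LSM hook. Returns (True, None) when allowed, or
    (False, token) on denial, where token is an opaque UUID string."""
    obj_label = OBJECT_LABELS.get(path, "unlabeled_t")
    granted = ALLOW_RULES.get((subject, obj_label), set())
    if perm in granted:
        return True, None
    token = str(uuid.uuid4())
    if granted:
        reason = (f"rule ({subject}, {obj_label}) grants only "
                  f"{sorted(granted)}, not {perm}")
    else:
        reason = f"no allow rule for ({subject}, {obj_label})"
    audit.record(DenialRecord(token, subject, path, obj_label, perm, reason))
    return False, token


def caller_message(path, perm, token):
    """What the denied process writes to its own log: the token plus facts
    it already knew (its own request). No labels, no rule names."""
    return f"EACCES: {perm} on {path} denied, audit token {token}"


def explain(audit, token, privileged):
    """The privileged utility: turns a logged token into the recorded reason."""
    rec = audit.lookup(token, privileged)
    if rec is None:
        return f"no denial recorded for token {token}"
    return (f"token {rec.token}: subject {rec.subject} requested {rec.perm} "
            f"on {rec.path} (label {rec.obj_label}); denied because "
            f"{rec.reason}")


if __name__ == "__main__":
    log = AuditLog()
    ok, tok = check_access(log, "httpd_t", "/etc/shadow", "read")
    print(caller_message("/etc/shadow", "read", tok))   # unprivileged view
    print(explain(log, tok, privileged=True))           # admin view
```

In a real deployment the token would travel back through the kernel's existing error path (the comment leaves that mechanism open), and the lookup tool would read the audit log through whatever privileged interface the system already has; the simulation only fixes the two invariants, that the token by itself carries no policy information and that resolving it requires privilege.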
