AIDE/Tripwire
Tommy McNeely
tommy.mcneely at sun.com
Tue Aug 12 20:16:25 UTC 2003
Leonard den Ottolander wrote:
>Hi Michael,
>
>
>
>>I don't know how Red Hat have
>>created the default file, but it *might* be an idea to automate it based
>>on the files listed in rpmdb-redhat.
>>
>>
>
> You don't really need the rpmdb. Just finding all files in the
>relevant directories and generating the twpol from that is quite easy
>to accomplish and causes less overhead than using the rpmdb. Something
>like
>
>for dr in /bin /sbin /usr/bin /usr/sbin /lib
>do
> find /bin -type f -exec echo -e " {}\t\t\t-> \$(SEC_CRIT2) ;" >>
>twpol.tmp \;
>done
>
>(/etc is a bit more difficult than this of course.)
>
>
>
Maybe just setup a magic policy directory (ala /etc/tripwire.d ) .. that
each RPM can drop its "specs" into and have the policy generated
automatically or something.. ofcourse i am showing my nievity with
tripwire.. I think you need like 7 passwords to generate a policy, but
something along these lines would be nice.
Tommy
--
Tommy McNeely -- Tommy.McNeely at Sun.COM
Sun Microsystems -- IT CTO
Phone/Fax: x51837 / 303-395-3361
More information about the test
mailing list