I've used tripwire a little bit, and I'm starting to like it.

The biggest problem I see with it is that the default policy is set up for
Red Hat, not for Gentoo. I know a Gentoo policy file exists in Bugzilla,
but I'm thinking of creating a script to generate the policy file based
specifically on installed packages in portage.

So before I go ahead with this plan, I thought I'd get some feedback on my
ideas.

From playing around with the policy file, I see it groups and
categorizes files into different security types and priorities such as
critical, suid, config, log, etc.

So for every installed package, I would put it into its own group. Then
I would assign binary files (/bin, /usr/bin), superuser files (/sbin,
/usr/sbin), suid (search for them), config (/etc), log (/var/log) files
into their appropriate categories.

Finally, there should be options to generate it for only system packages
with no user input, and for individual package selection.

Tom

--
gentoo-security@g.o mailing list
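
A sketch of the generator proposed in the message above, added here as an example and not part of the original post or of Tripwire or Portage: it reads one package's file list in Portage's CONTENTS format and emits one Tripwire rule block for that package. The helper names, the sample data, and the mapping of directories to the `SEC_*` variables (assumed to be defined in the policy's variable section, as in the stock policy file) are assumptions.

```python
import os
import stat

# Directory prefix -> policy variable; first match wins. Mapping /sbin to
# SEC_CRIT is an assumption, the message only names the categories.
PREFIX_CLASS = [
    ("/var/log/", "SEC_LOG"),
    ("/etc/", "SEC_CONFIG"),
    ("/usr/sbin/", "SEC_CRIT"),
    ("/sbin/", "SEC_CRIT"),
    ("/usr/bin/", "SEC_BIN"),
    ("/bin/", "SEC_BIN"),
]

# Constructed sample in CONTENTS format ("obj <path> <md5> <mtime>").
SAMPLE = """dir /etc/example
obj /etc/example/main.conf 00000000000000000000000000000000 1100000000
obj /usr/bin/example tool 00000000000000000000000000000000 1100000000
obj /usr/bin/example-su 00000000000000000000000000000000 1100000000
obj /usr/sbin/exampled 00000000000000000000000000000000 1100000000
obj /usr/share/doc/example/README 00000000000000000000000000000000 1100000000
sym /usr/bin/ex -> example 1100000000
"""

def parse_contents(text):
    """Yield regular-file paths; dir and sym entries are skipped."""
    for line in text.splitlines():
        if line.startswith("obj "):
            # Split from the right so paths containing spaces survive.
            yield line[4:].rsplit(" ", 2)[0]

def on_disk_suid(path):
    """'Search for them': check the setuid bit of the installed file."""
    try:
        return bool(os.lstat(path).st_mode & stat.S_ISUID)
    except OSError:
        return False  # file missing or unreadable: not treated as suid

def classify(path, is_suid=on_disk_suid):
    if is_suid(path):
        return "SEC_SUID"  # suid takes priority over the directory class
    return next((v for p, v in PREFIX_CLASS if path.startswith(p)), None)

def policy_for(package, contents, is_suid=on_disk_suid):
    """Return a rule block named after the package, or '' if nothing matched."""
    pairs = [(p, classify(p, is_suid)) for p in sorted(set(parse_contents(contents)))]
    rules = ['  "%s" -> $(%s) ;' % (p, v) for p, v in pairs if v]
    if not rules:
        return ""
    return '(\n  rulename = "%s"\n)\n{\n%s\n}\n' % (package, "\n".join(rules))
```

Files outside the directories named in the message (here the README) are left out of the generated block and would need their own category.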