| 1 |
I've used tripwire a little bit, and I'm starting to like it. |
| 2 |
|
| 3 |
The biggest problem I see with it, is the default policy is setup for |
| 4 |
Red Hat, not for Gentoo. I know a Gentoo policy file exists in bugzilla, |
| 5 |
but I'm thinking of creating a script to generate the policy file based |
| 6 |
specifically on installed packages in portage. |
| 7 |
|
| 8 |
So before I go ahead with this plan, I thought I get some feedback on my |
| 9 |
ideas. |
| 10 |
|
| 11 |
>From playing around with the policy file, I see it groups and |
| 12 |
categorizes files into different security types and priorities such as |
| 13 |
critical, suid, config , log, etc. |
| 14 |
|
| 15 |
So for every installed package, I would put it into its own group. Than |
| 16 |
I would assign binary files (/bin, /usr/bin), superuser files (/sbin, |
| 17 |
/usr/sbin), suid (search for them), config (/etc), log (/var/log) files |
| 18 |
into their appropriate categories. |
| 19 |
|
| 20 |
Finally, providing options to generate it for only system packages with |
| 21 |
no user input, and individual package selection should be an option. |
| 22 |
|
| 23 |
Tom |
| 24 |
|
| 25 |
|
| 26 |
-- |
| 27 |
gentoo-security@g.o mailing list |
Archives