Gentoo Archives: gentoo-security

From: darren kirby <bulliver@×××××××××××.org>
To: gentoo-security@l.g.o
Subject: [gentoo-security] Sane default tripwire policy file
Date: Wed, 06 Sep 2006 21:53:15
Message-Id: 200609061424.47676.bulliver@badcomputer.org
I spent several hours yesterday and today fleshing out a proper default policy 
file for Gentoo. Now we don't have use the crappy Redhat version from 2002 
that ships with tripwire. I have made it more 'gentooesque' by arranging the 
files/rules based on the package that installs them rather than their 
function. Now a Gentoo system admin can simply comment out an entire block of 
rules for packages that are not installed. I hope it works well for people, 
and maybe after a bit of tweaking by a dev we can get it bundled with the 
tripwire install. 

 I posted it (along with more explanation) over at gentoo bugzilla[1]. I plan 
to improve it even more, and add rules for commonly installed apps such as 
Apache, MySql, Bind, PHP, syslog-ng, vixie-cron and so on. I will post all my 
revisions on my personal site[2].

[1] http://bugs.gentoo.org/show_bug.cgi?id=34662
[2] http://badcomputer.org/unix/tripwire.pol.gentoo

-d
-- 
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org
"...the number of UNIX installations has grown to 10, with more expected..."
- Dennis Ritchie and Ken Thompson, June 1972