| 1 |
On 25/11/16 11:51, Jason Zaman wrote: |
| 2 |
> Ideally, rkhunter should just have a policy. |
| 3 |
> It would need something like: cron_system_entry(rkhunter_t, rkhunter_exec_t) |
| 4 |
> If you wanted to write one, basing it off the aide policy would probably |
| 5 |
> help. |
| 6 |
> https://gitweb.gentoo.org/proj/hardened-refpolicy.git/tree/policy/modules/contrib/aide.te |
| 7 |
> Its quite a simple policy, it pretty much just needs to read everything |
| 8 |
> on disk. |
| 9 |
|
| 10 |
Well, I want to learn more about SELinux so writing and testing a |
| 11 |
"proper" policy sounds like an idea. I will give it a go. |
| 12 |
|
| 13 |
Robert |
Archives