1 |
On 25/11/16 11:51, Jason Zaman wrote: |
2 |
> Ideally, rkhunter should just have a policy. |
3 |
> It would need something like: cron_system_entry(rkhunter_t, rkhunter_exec_t) |
4 |
> If you wanted to write one, basing it off the aide policy would probably |
5 |
> help. |
6 |
> https://gitweb.gentoo.org/proj/hardened-refpolicy.git/tree/policy/modules/contrib/aide.te |
7 |
> Its quite a simple policy, it pretty much just needs to read everything |
8 |
> on disk. |
9 |
|
10 |
Well, I want to learn more about SELinux so writing and testing a |
11 |
"proper" policy sounds like an idea. I will give it a go. |
12 |
|
13 |
Robert |