Gentoo Archives: gentoo-security

From: Tom Hosiawa <tomek32@××××××.com>
To: gentoo-security <gentoo-security@l.g.o>
Cc: Peter Warmuz <peter@××××××××××××××.com>
Subject: [gentoo-security] tripwire policy generator
Date: Thu, 25 Mar 2004 07:07:10
1 I've used tripwire a little bit, and I'm starting to like it.
3 The biggest problem I see with it, is the default policy is setup for
4 Red Hat, not for Gentoo. I know a Gentoo policy file exists in bugzilla,
5 but I'm thinking of creating a script to generate the policy file based
6 specifically on installed packages in portage.
8 So before I go ahead with this plan, I thought I get some feedback on my
9 ideas.
11 >From playing around with the policy file, I see it groups and
12 categorizes files into different security types and priorities such as
13 critical, suid, config , log, etc.
15 So for every installed package, I would put it into its own group. Than
16 I would assign binary files (/bin, /usr/bin), superuser files (/sbin,
17 /usr/sbin), suid (search for them), config (/etc), log (/var/log) files
18 into their appropriate categories.
20 Finally, providing options to generate it for only system packages with
21 no user input, and individual package selection should be an option.
23 Tom
26 --
27 gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] tripwire policy generator Ronan Mullally <ronan@×××.ie>
Re: [gentoo-security] tripwire policy generator Michel Wilson <michel@×××××××.net>
Re: [gentoo-security] tripwire policy generator Daniel Brandt <daniel.brandt@××××.se>