AIDE/Tripwire

Michael Schwendt ms-nospam-0306 at arcor.de
Wed Aug 13 15:11:26 UTC 2003



On 13 Aug 2003 14:11:56 +0100, Mr. Adam ALLEN wrote:

> > > Maybe just set up a magic policy directory (ala /etc/tripwire.d ) .. that
> > > each RPM can drop its "specs" into and have the policy generated
> > > automatically or something..
  
> I think it's dangerous to automatically rebuild the database,

I think nobody has suggested rebuilding the database automatically.

The question I have raised earlier is whether to ship a default
policy file that covers a full install of the distribution? And in
case this is desired, whether and how to create it manually or
automatically? Especially Tripwire uses policy directives which
sort files into different security levels.

Users of Tripwire and Red Hat Linux moan about a default policy file
that covers files which are not actually installed. This creates
security reports which include many "file does not exist" warnings.
The tools to drop such files from the config are not included. You
can create a rough Perl script yourself or try to find an existing
one via Google. But that only shows that the package is incomplete
and needs enhancement.

Tommy McNeely's suggestion to tie RPM to the IDE by using a ``magic
policy directory (ala /etc/tripwire.d ) .. that each RPM can drop
its "specs" into'' is ridiculous IMHO. Just note that a) the
Tripwire project page has looked abandoned for a long time, that b)
the information in those tripwire.d files is very likely not
different from what is contained within the rpmdb-redhat already,
and that c) nobody would maintain extra information which could
not be extracted from src.rpms/rpmdb automatically.

Every solution which requires additional maintenance is out of
the question.

Red Hat have dropped Tripwire due to resource constraints. Resource
constraints are not specific to Red Hat. A community packager is
also affected by resource constraints. 


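The pruning step that the message says users end up scripting by hand, as an added example that is not part of the original post or of the Tripwire package: it comments out rules in a plain-text policy whose object is absent from the system. It assumes one rule per line; `prune_policy`, `SAMPLE` and the `#MISSING#` marker are names made up here, and the sample policy is constructed.

```python
import os
import re

# One rule per line, e.g.  /sbin/accton -> $(SEC_CRIT) ;  or a stop point  !/proc ;
# (assumption: rules are not split across lines)
RULE = re.compile(r'^\s*(!?)\s*("(?:[^"\\]|\\.)*"|/\S*)\s*(->|;)')

def prune_policy(text, exists=os.path.lexists):
    """Comment out rules whose object is absent; return (new_text, dropped_paths)."""
    out, dropped = [], []
    for line in text.splitlines():
        m = RULE.match(line)
        path = m.group(2).strip('"') if m else None
        # Leave everything that is not a plain absolute path untouched:
        # comments, @@ directives, variable definitions, braces, $(VAR) paths.
        if path is None or "$(" in path or exists(path):
            out.append(line)
        else:
            dropped.append(path)
            out.append("#MISSING# " + line)  # keep the rule visible for review
    return "\n".join(out) + "\n", dropped

# Constructed sample policy, not taken from any shipped twpol.txt
SAMPLE = """\
@@section FS
SEC_CRIT = $(IgnoreNone)-SHa ;
(
  rulename = "Constructed sample"
)
{
  /bin/ls               -> $(SEC_CRIT) ;
  /usr/sbin/not-shipped -> $(SEC_CRIT) ;
  # /sbin/old           -> $(SEC_CRIT) ;
  !/proc ;
  "/opt/my app/bin"     -> $(SEC_CRIT) ;
}
"""

if __name__ == "__main__":
    new_text, dropped = prune_policy(SAMPLE)
    print(new_text)
    print("dropped:", dropped)
```

The dropped list deserves a manual read before the pruned policy is installed, because a path that is missing may be a file that was removed rather than one that was never installed.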




More information about the fedora-test-list mailing list