[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

File watch on group



Title: File watch on group

I would like to put a watch on a file for rwxa for a
File being accessed by someone who is not in the same group as the file.

For example:
  I have a file /var/myapp/logs    640 ntsw:ntsec
 
So basically I have my application log files that are readable by anyone in the ntsec group.
However if someone in another group like ntadm group tries to rwxa that file I would like to log it.

Can this be done using an audit rule?

Ameel Kamboh
SIP Core Network and Security
Phone: 972.685.4922 (esn 445-4922)
Mobile: 978-590-2280
SIP: akamboh techtrial com
email: akamboh nortel com




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]