Re: aide or tripwire
From: Jason Kohles (jkohles@redhat.com)Date: 12/19/01
- Previous message: bugtraq@seifried.org: "Re: aide or tripwire"
- In reply to: Rob 'Feztaa' Park: "Re: aide or tripwire"
- Next in thread: dewt: "Re: aide or tripwire"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 19 Dec 2001 14:04:29 -0600 From: Jason Kohles <jkohles@redhat.com> To: focus-linux@securityfocus.com
On Tue, Dec 18, 2001 at 03:24:22PM -0700, Rob 'Feztaa' Park wrote:
> On Mon, Dec 17, 2001 at 08:34:01PM -0500, Jim Zajkowski (dis)graced my inbox with:
> > Of course, you should still protect your tripwire database by burning it onto
> > CD, since tripwire has no protection against the database being deleted,
> > only modified.
>
> Or you could just set the file(s) immuteable flag with 'chattr -i', and
> the file cannot be changed or deleted.
>
I think you mean "chattr +i", and "cannot be changed or deleted except by
someone who then runs 'chattr -i'".
-- Jason Kohles jkohles@redhat.com Senior System Architect (703)786-8036 (cellular) Red Hat Professional Consulting (703)456-2940 (office)
- Previous message: bugtraq@seifried.org: "Re: aide or tripwire"
- In reply to: Rob 'Feztaa' Park: "Re: aide or tripwire"
- Next in thread: dewt: "Re: aide or tripwire"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
