[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: auditing file access
- To: Ira Abramov <lists-linux-il(at-nospam)ira.scso.com>
- Subject: Re: auditing file access
- From: Shachar Shemesh <linuxil(at-nospam)consumer.org.il>
- Date: Sun, 30 Sep 2001 17:19:27 +0200
- CC: IGLU Mailing list <linux-il(at-nospam)iglu.org.il>
- Delivered-To: iglu.org.il-linux-il@iglu.org.il
- References: <Pine.LNX.4.33_heb2.09.0109301712270.7619-100000@green>
- Sender: linux-il-bounce(at-nospam)cs.huji.ac.il
- User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20010913
Syslogtrack - a haifux project. mulix, I believe, is one of the
maintainers. I don't know any further detail, though.
Sh.
Ira Abramov wrote:
>I GFIed, I searched securityfocus and linuxsecurity, all over the place
>and could not find a single kernel or user-space package that does file
>access auditing. there are many ACL patches (including the NSA's own
>SELinux' but no file access audit logger. anyone got any ideas? before
>one sets up ACLs on an existing system, he wants to know what the
>currently running setup needs to access, afterall!
>
>(and no, don't say tripwire, I'm talking about actual smart logging of
>all the file access activities)
>
>side note, I resubbed just for this little question. the welcome message
>still says the FAQ is at http://www.linux.org.il/linux-il-faq.html and
>that's not true for the last 2 years, please fix it.
>
>I wish you a happy new year
>and a clear flight path,
>Ira.
>
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il