[Aide] Symbolic link
Richard van den Berg
richard at vdberg.org
Fri Nov 24 21:17:08 EET 2006
Franco Pieressa wrote:
> Hi, a few days ago, I have found in AIDE tool a problem with symbolic
> link change detection. I think this is a serious security flaw, because
> if somebody changes the target's pathname in a symbolic link file, AIDE
> will not detect it (at least in linux, where fast symlinks is implemented).
Well, they will also need to use the exact same ctime and mtime for the
link. But I agree that aide should detect it if only the link name
changes. I've also added this detection to the default R group definition.
Thanks for reporting this.
Sincerely,
Richard van den Berg
More information about the Aide
mailing list