[Aide] tracking files with permissions X
Aaron Lippold
lippold at gmail.com
Wed Jun 13 02:47:00 EEST 2007
Hello,
Thank you for the reply. I have made a list already but I did it with
perm -2000 and -4000, so thanks for the tip on the shortcut.
So what I wasn't sure about was that, let's say, I get:
/bin/x
/bin/y
/sbin/z
/usr/local/x
etc.
for my list.
and then I would just say:
aide.conf
/bin/x PERM
/bin/y PERM
etc.
And then, for completeness, have a cron job that runs my check and
then compares the results to the entries in my aide.conf file?
Would you say that is the correct approach?
Aaron
p.s. I cc'd some interested folks so please reply to all. Thanks.
On 6/12/07, Richard van den in<richard at vdberg.org> wrote:
> Aaron Lippold wrote
> > I am trying to setup a rule in my aide.conf to track files on my
> > system that are setgid and setsid and set world writable. I have
> > google'd a lot on this and have had little success.
> >
> > How would I create a rule like that?
> >
>
> You can't let aide select files based on anything else except the name
> of the directory and file. You can however make a list of all setuid and
> setgid files on your system: find / -perm /6000
> You can use this list as a starting point for building your aide.conf
>
> Sincerely,
>
> Richard van den Berg
>
> _______________________________________________
> Aide mailing list
> Aide at cs.tut.fi
> https://mailman.cs.tut.fi/mailman/listinfo/aide
>
More information about the Aide
mailing list