Subject: Re: Chapter 8 security
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: Luke Mewburn <lukem@NetBSD.org>
Date: 04/19/2004 10:35:21
Content-Type: text/plain; charset=us-ascii
On Sun, Apr 18, 2004 at 02:54:34PM -0400, Greg A. Woods wrote:
| The /etc/security support of /var/backups should even be sufficient for
| the purposes of auditing "all system changes", and even the granularity
| can be adjusted as necessary; though perhaps a well planned and deployed
| tripwire install (or similar scheme, e.g. with mtree) would be even
NetBSD 2.0 has /etc/mtree/set.*, which contains the mtree information
including permissions and SHA1 hashes for all the files in the given set.
This could easily be used as the basis for tripwire like functionality.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
-----END PGP SIGNATURE-----