Subject: integrating /etc/changelist into mtree
To: None <firstname.lastname@example.org>
From: Rob Windsor <email@example.com>
Date: 05/03/2001 15:25:20
I submitted PR security/6548 many moons ago and thought now would be a good
time to air it out and either close it w/o further action or convince
someone to help implement it.
The general idea is that /etc/changelist contains a list of files that are
generally redundant (in a subset sort of way) with the security checking
of mtree, using /etc/mtree/special.
To reduce the number of files you need to tweak to tighten up security of
your system, I suggested in the PR that we modify mtree to allow an additional
field in its file format such that it can spit out a list of files for the
daily security script to use instead of having to read /etc/security.
I have not submitted a patch with the PR because I do not (yet) contain the
programming skillz to make it go.
Does this make sense, should it be done, can someone make it work?
Internet: firstname.lastname@example.org __o
Life: Rob@Carrollton.Texas.USA.Earth _`\<,_
The weather is here, wish you were beautiful.