Pārlūkot izejas kodu

Tripwire root config files

Bob Mottram 10 gadus atpakaļ
vecāks
revīzija
552fda2e66
1 mainītis faili ar 13 papildinājumiem un 27 dzēšanām
  1. 13
    27
      beaglebone.txt

+ 13
- 27
beaglebone.txt Parādīt failu

@@ -7158,33 +7158,19 @@ Set *SYSLOGREPORTING* to false and comment out the line, then save and exit.
7158 7158
 editor /etc/tripwire/twpol.txt
7159 7159
 #+END_SRC
7160 7160
 
7161
-Comment out the lines:
7162
-
7163
-#+BEGIN_SRC: bash
7164
-	/var/log		-> $(SEC_CONFIG) ;
7165
-	/proc		-> $(Device) ;
7166
-	/root/.xsession-errors		-> $(SEC_CONFIG) ;
7167
-	/root/.xauth			-> $(SEC_CONFIG) ;
7168
-	/root/.gnome_private		-> $(SEC_CONFIG) ;
7169
-	/root/.gnome-desktop		-> $(SEC_CONFIG) ;
7170
-	/root/.gnome			-> $(SEC_CONFIG) ;
7171
-	/root/.Xresources		-> $(SEC_CONFIG) ;
7172
-	/root/.Xauthority		-> $(SEC_CONFIG) -i ;
7173
-	/root/mail			-> $(SEC_CONFIG) ;
7174
-	/root/Mail			-> $(SEC_CONFIG) ;
7175
-	/root/.ICEauthority		    -> $(SEC_CONFIG) ;
7176
-	/etc/rc.boot		-> $(SEC_BIN) ;
7177
-	/root/.tcshrc			-> $(SEC_CONFIG) ;
7178
-	/root/.sawfish			-> $(SEC_CONFIG) ;
7179
-	/root/.pinerc			-> $(SEC_CONFIG) ;
7180
-	/root/.mc			-> $(SEC_CONFIG) ;
7181
-	/root/.elm			-> $(SEC_CONFIG) ;
7182
-	/root/.cshrc		        -> $(SEC_CONFIG) ;
7183
-	/root/.bash_logout		-> $(SEC_CONFIG) ;
7184
-	/root/.bash_profile		-> $(SEC_CONFIG) ;
7185
-	/root/.amandahosts		-> $(SEC_CONFIG) ;
7186
-	/root/.addressbook.lu		-> $(SEC_CONFIG) ;
7187
-	/root/.addressbook		-> $(SEC_CONFIG) ;
7161
+Edit the "Root config files" section so that it looks like this:
7162
+
7163
+#+BEGIN_SRC: bash
7164
+# These files change the behavior of the root account
7165
+(
7166
+  rulename = "Root config files",
7167
+  severity = 100
7168
+)
7169
+{
7170
+	/root				-> $(SEC_CRIT) ; # Catch all additions to /root
7171
+	/root/.bashrc			-> $(SEC_CONFIG) ;
7172
+	/root/.bash_history		-> $(SEC_CONFIG) ;
7173
+}
7188 7174
 #+END_SRC
7189 7175
 
7190 7176
 Then save and exit.