[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] File and folder access auditing, how?



On Thu, Feb 02, 2006 at 11:34:10AM +0200, HG wrote:
> Hello!
> 
> Is it possible to set up file and folder access auditing on SuSE 9.2
> or later (10.0)?
> If so, how would one do that?
> 
> I have some sensitive information now on SuSE 9.2 (that might be
> updated to 10.X) and I'm looking for something similar to what I had
> in Windows. I want to have a log somewhere that would indicate who has
> used or tried to use the sensitive information.

10.0 has the beginnings of the upstream audit system, in the "audit"
package, 10.1 has a bit further developed one.
I am not sure it can audit to the full extend you need.

9.1 / SLES 9 has a EAL4+/CAPP capable audit system doing all you might
want ... For 10.1 / SLES 10 this is planned too.

(Look for "audit watches".)

Ciao, Marcus

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here