Hello! I am playing with the Linux Intrusion Detection System for 2.4.0 and I'm having some trouble writing ACL's. Does anybody have Debian specific ACL examples for lids? I can boot & shutdown OK, but I am allowing a lot of really bad stuff. eg: /sbin/lidsadm -A -i -s /etc/init.d/rcS -o /etc -j WRITE Any suggestions before I hose my test-box (its getting old and I'm getting reckless!) TIA Ben Harvey --