[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tripwire's default policy

On Sun, 2007-03-04 at 21:56 -0300, Felipe Figueiredo wrote:
> Hello all,
> tripwire's default policy includes /proc. Why, what's the point? At least in 
> my systems, its files change more often than my logs rotate (which despite my 
> efforts insist on rotating on a daily basis). 
> So, is it safe to just remove /proc from the policy? 

I have on all my public systems.  I did this quite some time ago.  No
problems, no worries.

> If so, why is it included by default?

There are probably a host of reasons, I point the finger at the pack
maintainer leaning more towards the side of security than insecurity.

-Jim P.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: