On Sun, 2007-03-04 at 21:56 -0300, Felipe Figueiredo wrote: > Hello all, > > tripwire's default policy includes /proc. Why, what's the point? At least in > my systems, its files change more often than my logs rotate (which despite my > efforts insist on rotating on a daily basis). > > So, is it safe to just remove /proc from the policy? I have on all my public systems. I did this quite some time ago. No problems, no worries. > If so, why is it included by default? There are probably a host of reasons, I point the finger at the pack maintainer leaning more towards the side of security than insecurity. -Jim P.
Attachment:
signature.asc
Description: This is a digitally signed message part