Auditing File Changes
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Jul 10 21:22:26 UTC 2006
On Mon, 10 Jul 2006 14:11:42 PDT, eklinger at uci.edu said:
> file. After we decrypt the file and remove the wrapper, the raw data would
> be opened in the appropriate application on the system (e.g.
> OpenOffice.org). However, at the save we would want to add that wrapper
> back in so they could not simply circumvent the wrapper protection. Of
> course, we don't want to have to modify any of the user level applications
> to achieve this functionality.
OpenOffice 'Save As...' will be a can of worms, as will the fact that it
can have multiple documents open at once, and you can slice-n-mice between
them. Do you have an X server that properly enforces MLS/MCS restrictions
so cut-n-paste between documents won't work? Otherwise, they can just
cut it from their OpenOffice document, paste it into Evilution, and hit 'send'.
You're much better off just fixing the machines so you can't attach removable
media to them (no USB/firewire/etc), and then restrict the network access
so they can't send the bits anyplace interesting....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20060710/4ce3eeb9/attachment.sig>
More information about the Linux-audit
mailing list