File watch on group
Ameel Kamboh
akamboh at nortel.com
Wed Jul 18 21:46:40 UTC 2007
I would like to put a watch on a file for rwxa for a
File being accessed by someone who is not in the same group as the file.
For example:
I have a file /var/myapp/logs 640 ntsw:ntsec
So basically I have my application log files that are readable by anyone
in the ntsec group.
However if someone in another group like ntadm group tries to rwxa that
file I would like to log it.
Can this be done using an audit rule?
Ameel Kamboh
SIP Core Network and Security
Phone: 972.685.4922 (esn 445-4922)
Mobile: 978-590-2280
SIP: akamboh at techtrial.com
email: akamboh at nortel.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20070718/8a5346bb/attachment.htm>
More information about the Linux-audit
mailing list