I would like to put a watch on a file for rwxa for a File being accessed by someone who is not in the same group as the file.
For example: I have a file /var/myapp/logs 640 ntsw:ntsec So basically I have my application log files that are readable by anyone in the ntsec group. However if someone in another group like ntadm group tries to rwxa that file I would like to log it. Can this be done using an audit rule? Ameel Kamboh SIP Core Network and Security Phone: 972.685.4922 (esn 445-4922) Mobile: 978-590-2280 SIP: [EMAIL PROTECTED] email: [EMAIL PROTECTED]
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
