While that was probably a tongue in cheek response, it is worth exploring. Would you then turn on auditd file watching for all files under /etc and then some depending on where applications are installed?
How would you do that? Enumerate each file individually aka auditctl -w /etc/passwd -p war -k password-file etc? Any more elegent way? On Tuesday, November 20, 2012 4:57:22 PM UTC-5, morgan cox wrote: > > Perhaps you should migrate to Linux? >
