#988535 samhain: Add ACL and Selinux support

Package:
samhain
Source:
samhain
Description:
Data integrity and host intrusion alert system
Submitter:
Javier Fernandez-Sanguino
Date:
2021-05-15 08:21:04 UTC
Severity:
wishlist
#988535#5
Date:
2021-05-15 08:17:25 UTC
From:
To:
As requested by a samhain user, it would be good to add checking POSIX ACL
(add "--enable-posix-acl" to the configuration of the package). This would
allow the software to also detect file permissions changes done by an
attacker (currently the change is detected only as inode update).

Additionally, the package could also include checking Selinux attributes
too (add "--enable-selinux").

Best regards


Javier