[Pkg-aide-maintainers] Bug#642272: aide: (Optionally?) ignore read-only ext2attrs
A. N. Other
a.n.other.debian at gmail.com
Tue Sep 20 23:46:56 UTC 2011
Package: aide
Version: 0.15.1-2+squeeze1
Severity: wishlist
Several of the attributes listed by the lsattr program are
"read-only" and cannot be changed by chattr; essentially,
these attributes represent diagnostics reported by the ext2
filesystem driver. To quote chattr(1):
The following attributes are read-only, and may be listed
by lsattr(1) but not modified by chattr: huge file (h),
compression error (E), indexed directory (I), compression
raw access (X), and compressed dirty file (Z).
Currently, the e2fsattrs check in aide will list changes to
these attributes too; it might make more sense for aide to
ignore these attributes, or at least to provide an option to
do so, as such changes are unlikely to be security-relevant.
More information about the Pkg-aide-maintainers
mailing list