4718l1

Listing 1. Sample Policy File

WEBROOT=/home/mick/www;
CGIBINS=/home/mick/www/cgi-bin;
TWPOL="/etc/tripwire";
TWDB="/var/lib/tripwire";
BINS  = $(ReadOnly) ;    # Binaries that should not change
SEC_INVARIANT = +tpug ;  # Dir.s that shouldn't change perms/ownership
SIG_MED       = 66 ;     # Important but not system-critical files
# Mick's Web Junk
(
  rulename = "MickWeb",
  severity = $(SIG_MED),
  emailto = mick<\@>uselesswebjunk.com
)
{
  $(TWPOL)                 -> $(Readonly) ;
  $(WEBROOT)               -> $(ReadOnly) (recurse=1) ;
  !$(WEBROOT)/guestbook.html ;
  $(CGIBINS)               -> $(BINS)     ;
  /var/log/httpd           -> $(Growing)  ;
}

