> Exactly. The point of Tiger is to run regular checks, like which > processes are listening to the network, which process use deleted > files, check for suspicious files and directories in various places (like > /tmp/.x), check which account seem to be dormant, check the content > of crontabs, etc...etc... > while Bastille locks down a machine once (and, hopefully, for all). I can't agree with you on this: I usually run Bastille on critical systems after upgrading or installing software, since I tend to change permissions on some executables I dislike. Also, I run Bastille from time to time on non-critical system to recheck that everything is in place. I don't think of Bastille as a one-shot tool. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-devel-list
