>In my work environmnt, we work with some sensitive data, and we must have audit >trail whenever some types of files are touched (or we would fail external audits, >which translates to lost jobs, simple as that). Problem with using Linux so far >was lack of good auditing tools. This is all in work. The 0.7.4 audit package has some information about setting file watches (auditctl -w -p ). However, you need to have a kernel that's patched for it. We are still peer reviewing this capability. I think we have just a few more locking issues to solve and then it will be sent to lkml. I have put the tools into FC4 so that when the file system auditing patch does go upstream & you do a kernel update, everything starts working. -Steve Grubb __________________________________ Yahoo! Mail Mobile Take Yahoo! Mail with you! Check email on your mobile phone. http://mobile.yahoo.com/learn/mail -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list