OSec
(our security)
Osec is a lightweight integrity
checking system. You can use it to see difference between two states of
your system. Osec also adds an ability of checking system for the
dangerous files, e.g. suid, sgid and world writeable.
If you run osec under root acount, then this program will work under
non-privilegy user with only one extra capability 'dac_read_search', so
osec cannot
damage any system file on internal errors.
Osec is divided into two parts:
- osec - data
gathering
program. Osec have made it's output in row format to standart output.
- osec_reporter - report
filter. You can pass row output from osec to reporter to see
human-readable reports with some analisys.
Reporter process will also print results to standart output, so you can
continue this pipeline. For example, you can send e-mail with report to
system administrator.
If you develop some interesting reporter module or filter you can sent
to authors to include it into osec distribution.
Why it's better?
- Osec can work under non-privilege user, so it's more secure.
- It's smaller and faster.
- It's easy to include to Unix pipelines.
Download latest osec version here.
Osec is written by Stanislav
Ievlev
Hosted by
Member of