also sprach Tollef Fog Heen (on Wed, 26 Sep 2001 10:25:15AM +0200): > The right way is, imho, the way postfix deals with it. It took quite > some time before I discovered it chrooted itself.
i disagree stronlgy mainly because of things like tripwire, which i think should be scanning *everything* but a small list of exceptions - not a list of things to scan and to ignore all rest. /var/spool/postfix contains some very important files that (a) affect the way postfix is working and how secure it is, and (b) are static files in that they don't change between boots. therefore, you tripwire them -- which is useless if every restart of postfix causes tripwire to bitch. martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] --
pgpQPCcVTxwDs.pgp
Description: PGP signature
