The script checksecurity which creates the setuid.* log file and is distributed with cron doesnt have a whole lot of documentation. How does it log? Can it be made to log through syslog?
Also, I'd love to see this distrubuted in it's own package, so that it may be build upon further to do md5 checksums and stuff. Maybe some mechanism to store logs on remote servers? Log via syslog and then have the syslog box have some daemon to share the said logs? I mean, I'd write some tcl or perl script to do this maybe. Just wondering what sorta info is out there about the package so far. Altho, maybe since tripwire is open it'd be better to leave the checksum stuff to it :) Mathew Johnston