Menu
▾
▴
[Linux-ima-user] Creating custom IMA policies
|
From: Black R. <bla...@gm...> - 2016-11-13 18:01:55
|
Hello, I have read through the IMA wiki page https://sourceforge.net/p/linux-ima/wiki/Home/ to get an overview. Now I'd like to create my own simple IMA policies but am struggling with the right rule format. I found the definition of the format here https://www.kernel.org/doc/Documentation/ABI/testing/ima_policy. I tried to create rules to measure specific single files, that can either be executed (Bash files) or opened (Text files). Is it even possible to define specific files that should be measured by IMA, maybe by defining the entire path like `/home/user/test.txt' or '/home/user/exec.sh'? Are there maybe any tutorials for such rules (I have already looked at the default policy file structure)? Thank you for you help |
