Tripwire Policy File and 5.4

Joel Hatton freebsd-questions at
Wed Aug 10 01:08:46 GMT 2005

> The policy file looks to be updated for 5.x systems now.  Tripwire's back.

I'm not so convinced of that - after a cvsup of ports overnight, this

# ll /usr/ports/security/tripwire/files/twpol.txt 
-rw-r--r--  1 root  wheel  20651 Mar  5  2002 /usr/ports/security/tripwire/files/twpol.txt

Last time I tried, Tripwire was still unable to perform an interactive
update, which is no great inconvenience but doesn't really inspire
confidence. The only improvement I've noticed since the first 5.x is that
it at least compiles now - given the lack of effective replacements for
Tripwire this is the least we could expect. Not being able to package this
port has been a real trial, however, and I don't believe that it wouldn't
be possible with a bit of consideration - no, I'm not volunteering right
now as more important things are pressing me.

I have adapted my own policy/config file and periodic script to run with
output in the daily security email - I'm happy to post these if anyone is


-- Joel Hatton --
Security Analyst                    | Hotline: +61 7 3365 4417
AusCERT - Australia's national CERT | Fax:     +61 7 3365 7031
The University of Queensland        | WWW:
Qld 4072 Australia                  | Email:   auscert at

More information about the freebsd-questions mailing list