Listing 1. Sample Policy File
WEBROOT=/home/mick/www;
CGIBINS=/home/mick/www/cgi-bin;
TWPOL="/etc/tripwire";
TWDB="/var/lib/tripwire";
BINS = $(ReadOnly) ; # Binaries that should not
change
SEC_INVARIANT = +tpug ; # Dir.s that shouldn't
change perms/ownership
SIG_MED = 66 ; # Important but not
system-critical files
# Mick's Web Junk
(
rulename = "MickWeb",
severity = $(SIG_MED),
emailto = mick@uselesswebjunk.com
)
{
$(TWPOL) -> $(Readonly) ;
$(WEBROOT) -> $(ReadOnly) (recurse=1) ;
!$(WEBROOT)/guestbook.html ;
$(CGIBINS) -> $(BINS) ;
/var/log/httpd -> $(Growing) ;
}