Osec is a lightweight integrity checking system. You can use it to see difference between two states of your system. Osec also adds an ability of checking system for the dangerous files, e.g. suid, sgid and world writeable.
If you run osec under root acount, then this program will work under non-privilegy user with only one extra capability 'dac_read_search', so osec cannot
damage any system file on internal errors.
Osec is divided into two parts:
* osec - data gathering program. Osec have made it's output in row format to standart output.
* osec_reporter - report filter. You can pass row output from osec to reporter to see human-readable reports with some analisys.
Reporter process will also print results to standart output, so you can continue this pipeline. For example, you can send e-mail with report to system administrator.
Here are some key features of "Osec":
- Osec can work under non-privilege user, so it's more secure.
- It's smaller and faster.
- It's easy to include to Unix pipelines.