diff options
Diffstat (limited to 'doc/todo')
-rw-r--r-- | doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment new file mode 100644 index 0000000..f5d9831 --- /dev/null +++ b/doc/todo/track_multiple_directories/comment_6_bedb701e0175b2d3833041f2f496d3aa._comment @@ -0,0 +1,10 @@ +[[!comment format=mdwn + username="https://www.google.com/accounts/o8/id?id=AItOawnZJhzx-nwZRTgh9kjy2Q8zKYsgTLNM2zc" + nickname="Evan" + subject="intrusion detection?" + date="2015-04-10T20:32:40Z" + content=""" +It seems to me that this would be particularly useful for narrowly scoped intrusion detection. + +For example, if I have an installed instance of a popular web app (Wordpress, Django, what have you) that is compromised (SQL injection, brute force, etcetera), every part of that app may become suspect even after the initial vulnerability is patched...in which case, a versioned log of what files were changed within the app directory(s) would be *extremely* useful. +"""]] |