Information on the Disk and Memory Access check of the Object Integrity module on Unix
|Article:TECH138886|||||Created: 2010-09-01|||||Updated: 2012-01-24|||||Article URL http://www.symantec.com/docs/TECH138886|
You want to know what devices get checked by this feature.
In the current object module, the ESM distinguishes the disk or memory device files by their major number. You can use the “Name To Major” template to define disk or memory device major number in addition to the well-known disk or memory device files. So, in this case, the /dev/full is treated as either disk or memory device file by its major number.
Article URL http://www.symantec.com/docs/TECH138886