Searching for files with absolute file paths (instead of relative paths) creates heavier system loads; bypassing this search accelerates file events.
To activate this bypass, set the bypass_realpath token to 1 in the [SEOS_syscall] section of the seos.ini file. If you enable this token, CA ControlMinder does not obtain real file names, which, for example, could be a symbolic link.
Note: For more information about seos.ini file tokens, see the Reference Guide.
Important! This feature should be used with extreme care because it impacts security-generic rules do not work when files are accessed with a relative path.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|