suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.
Geek Repo:Geek Repo
Github PK Tool:Github PK Tool