Here is output of ls -la:
vitorio@homedir:~$ sudo ls -la /var/ossec/etc/ossec.conf
-r--r----- 1 root ossec 5928 2008-03-04 16:34 /var/ossec/etc/ossec.conf
To make my previous post clearer... I certainly gained root privileges before attempting to edit the file. I actually did it different ways:
gksudo gedit/vim /var/ossec/etc/ossec.conf
root:# gedit/vim /var/ossec/etc/ossec.conf
In gedit I just had Save button disabled, vim reported an error attempting to modify a read-only file and gave up.
But this behavior is natural - file as you can see above is indeed read-only after installation.
So, my question was, am I trying to invent the wheel and to change the file attributes to read/write is the way to go, or there is some specific OSSEC way to handle it?