*** empty log message ***

10 files changed, 317 insertions, 10 deletions

diff --git a/ChangeLog b/ChangeLog
index 47ec38e..eaafff4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,11 @@
+2000-03-08 Yoann Vandoorselaere <yoann@mandrakesoft.com>
+	* Added msec_find utility, written by Thierry Vignaud
+		which will avoid us to find / 5 times :)
+	* Heavilly modified msec_find.
+
 2000-03-07 Yoann Vandoorselaere <yoann@mandrakesoft.com>
+	* Added support for libsafe stack overflow protection in level 4 / 5 /
+	  custom
 	* trap the sigint signal
 	* use /etc/security/msec for config file only.
 	* Renamed init.sh to msec, and install it in /usr/sbin.
diff --git a/Makefile b/Makefile
index 634c2d6..5edb8ac 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
 VERSION = 0.9
 NAME = msec
 
-all: promisc_check
+all: promisc_check msec_find
 
 clean:
 	find . -name *.o -exec rm -f {} \;
@@ -9,7 +9,10 @@ clean:
 	rm -f src/promisc_check/promisc_check
 
 promisc_check: 
-	(cd src/promisc_check; make)
+	(cd src/promisc_check && make)
+
+msec_find:
+	(cd src/msec_find && make)
 
 dis: clean
 	rm -rf msec-$(VERSION) ../msec-$(VERSION).tar*
@@ -40,7 +43,7 @@ install:
 	(touch $(RPM_BUILD_ROOT)/var/log/security.log)
 	(mkdir -p $(RPM_BUILD_ROOT)/var/log/security)
 	(cd src/promisc_check && make install)
-	(cd cron-sh && make install)
+	(cd src/msec_find && make install)
 
 	@echo
 	@echo
diff --git a/cron-sh/security.sh b/cron-sh/security.sh
index ee94863..ebe71de 100755
--- a/cron-sh/security.sh
+++ b/cron-sh/security.sh
@@ -74,11 +74,18 @@ fi
 netstat -pvlA inet 2> /dev/null > ${OPEN_PORT_TODAY};
 
 # Hard disk related file check; the less priority the better...
-nice --adjustment=+19 find ${DIR} -xdev -type f -perm +04000 -user root -printf "${PRINT}" 2> /dev/null | sort > ${SUID_ROOT_TODAY}
-nice --adjustment=+19 find ${DIR} -xdev -type f -perm +02000 -printf "${PRINT}" 2> /dev/null | sort > ${SUID_GROUP_TODAY}
-nice --adjustment=+19 find ${DIR} -xdev -type f -perm -2 -printf "${PRINT}" 2> /dev/null | sort > ${WRITEABLE_TODAY}
-nice --adjustment=+19 find ${DIR} -xdev -nouser -printf "${PRINT}" 2> /dev/null | sort > ${UNOWNED_USER_TODAY}
-nice --adjustment=+19 find ${DIR} -xdev -nogroup -printf "${PRINT}" 2> /dev/null | sort > ${UNOWNED_GROUP_TODAY}
+nice --adjustment=+19 /usr/bin/msec_find ${DIR}
+sort < ${SUID_ROOT_TODAY} > ${SUID_ROOT_TODAY}.tmp
+sort < ${SUID_GROUP_TODAY} > ${SUID_GROUP_TODAY}.tmp
+sort < ${WRITEABLE_TODAY} > ${WRITEABLE_TODAY}.tmp
+sort < ${UNOWNED_USER_TODAY} > ${UNOWNED_USER_TODAY}.tmp
+sort < ${UNOWNED_GROUP_TODAY} > ${UNOWNED_GROUP_TODAY}.tmp
+
+mv -f ${SUID_ROOT_TODAY}.tmp ${SUID_ROOT_TODAY}
+mv -f ${SUID_GROUP_TODAY}.tmp ${SUID_GROUP_TODAY}
+mv -f ${WRITEABLE_TODAY}.tmp ${WRITEABLE_TODAY}
+mv -f ${UNOWNED_USER_TODAY}.tmp ${UNOWNED_USER_TODAY}
+mv -f ${UNOWNED_GROUP_TODAY}.tmp ${UNOWNED_GROUP_TODAY}
 
 while read line; do 
     md5sum ${line}
diff --git a/init-sh/custom.sh b/init-sh/custom.sh
index b8b8402..9d46bd1 100755
--- a/init-sh/custom.sh
+++ b/init-sh/custom.sh
@@ -62,6 +62,18 @@ if [[ ${answer} == yes ]]; then
     AddRules "tty6" /etc/securetty 
 fi
 ###
+echo "Do you want to enable the libsafe stack overflow protection ?"
+echo "This stack overflow protection work by catching dangerous function call"
+echo "like strcpy, strcat, getwd, gets, [vf]scanf, realpath, [v]sprintf"
+echo "and verify the address & the size of the destination buffer in the stack"
+echo "this is done by searching in the stack frame the one which contain the"
+echo "destination address, and by substracting the frame address to the destination buffer one" 
+WaitAnswer; clear
+if [[ ${answer} == yes ]]; then
+	AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile
+fi
+
+###
 echo "Do you want your system to daily check important security problem ?"
 WaitAnswer; clear
 if [[ ${answer} == yes ]]; then
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index 75a0e85..f10fb54 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -105,9 +105,15 @@ echo -e "done.\n";
 # /etc/profile
 echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :"
 AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile
+
 echo "Adding \"normal\" PATH variable :"
 AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
-AddRules "export PATH SECURE_LEVEL" /etc/profile
+AddRules "export PATH SECURE_LEVEL" /etc/profile 
+
+if [[ -f /usr/lib/libsafe.so.1.2 ]]; then
+    echo "Enabling stack overflow protection :"
+    AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile
+fi
 
 # Do not boot on a shell
 echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : "
@@ -122,3 +128,8 @@ echo "done."
 # Group were modified in lib.sh...
 grpconv
 
+
+
+
+
+
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index 59dc413..0e458b7 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -103,10 +103,16 @@ echo -e "done.\n";
 # /etc/profile
 echo "Setting umask to 077 (u=rw) :"
 AddRules "umask 077" /etc/profile 
+
 echo "Adding \"normal\" PATH variable :"
 AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet
 AddRules "export PATH SECURE_LEVEL" /etc/profile
 
+if [[ -f /usr/lib/libsafe.so.1.2 ]]; then
+    echo "Enabling stack overflow protection :"
+    AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile
+fi
+
 # Do not boot on a shell
 echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : "
 tmpfile=`mktemp /tmp/secure.XXXXXX`
@@ -144,3 +150,6 @@ grpconv
 
 
 
+
+
+
diff --git a/init-sh/msec b/init-sh/msec
index 2fc7c53..1ba1bb2 100755
--- a/init-sh/msec
+++ b/init-sh/msec
@@ -16,11 +16,17 @@ fi
 
 if [[ ${1} == custom ]]; then
 	/usr/share/msec/custom.sh
+	echo
+	echo "You might logout of your session for some change to be activated."
+	echo
 	exit 0;
 fi
 
 if [[ -f /usr/share/msec/level$1.sh ]]; then
 	/usr/share/msec/level$1.sh
+	echo
+	echo "You might logout of your session for some change to be activated."
+	echo
 	if [[ -f /usr/share/msec/perm.$1 ]]; then
 		/usr/share/msec/file_perm.sh /usr/share/msec/perm.$1
 	else
diff --git a/msec.spec b/msec.spec
index 9af10b8..4723c22 100644
--- a/msec.spec
+++ b/msec.spec
@@ -39,6 +39,7 @@ rm -rf $RPM_BUILD_ROOT
 %doc AUTHORS COPYING Makefile README 
 %doc doc/*txt ChangeLog doc/*ps
 /usr/bin/promisc_check
+/usr/bin/msec_find
 /usr/sbin/msec
 /usr/share/msec
 /var/log/security.log
@@ -48,7 +49,12 @@ rm -rf $RPM_BUILD_ROOT
 %config /etc/security/msec
 
 %changelog
-* Tue Mar 07 Yoann Vandoorselaere <yoann@mandrakesoft.com>
+* Tue Mar 08 Yoann Vandoorselaere <yoann@mandrakesoft.com>
+- Heavylly Modified msec_find.
+- Added msec_find utility, written by Thierry Vignaud which will avoid us to
+  find / 5 times :)
+- Added support for libsafe stack overflow protection in level 4 / 5 /
+  custom
 - trap the sigint signal.
 - use %config for config file ( thanks to Frederic Lepied ).
 - use /etc/security/msec for config file only.
diff --git a/src/msec_find/Makefile b/src/msec_find/Makefile
new file mode 100644
index 0000000..20fb4d9
--- /dev/null
+++ b/src/msec_find/Makefile
@@ -0,0 +1,13 @@
+CC=gcc
+NAME=msec_find
+
+CFLAGS = -ggdb -Wall -Wmissing-prototypes -Wmissing-declarations \
+-Wpointer-arith -m486 -O2 -finline-functions -fkeep-inline-functions
+
+OBJ=find.o
+
+msec_find: $(OBJ)
+	$(CC) $(OBJ) -o $(NAME)
+
+install:
+	cp $(NAME) /usr/bin
diff --git a/src/msec_find/find.c b/src/msec_find/find.c
new file mode 100644
index 0000000..65e8c73
--- /dev/null
+++ b/src/msec_find/find.c
@@ -0,0 +1,233 @@
+/*
+ * Written by Thierry Vignaud,
+ * heavilly modified for msec purpose by Vandoorselaere Yoann.
+ *
+ * This code is copyrighted by Mandrakesoft [(c) 2000] and is released under
+ *  the GPL licence
+ */
+
+
+/*
+ * TODO
+ * +++	hash tables or btree to stock already searched uid/gid for speed
+ *		Pb: since linux-2.3.4x, uid & gid are 32 bits wide ... => BTREE?
+ *		static char **uid_hash, **gid_hash;
+ *
+ * +++	check for open & I/O error on log files ...
+ * +++	Yoann scripts should avoid /dev if devfs is mounted (either by testing
+ *		if /dev is mounted by devfs or if [ -f /dev/.devfsd ] => see with
+ *		Yoann
+ * ---	disable 'cannot stat ...' warning (???) => better log them SECURITY_LOG
+ * ---	disable write test on links => OK
+ */
+
+/*
+ * (Vandoorselaere Yoann)
+ * Done : 
+ * - Don't handle FTW_DNR case, since it will print warning for /proc file.
+ * - Don't walk trought /dev & /proc.
+ * - We don't need to handle all of the ftw flag, just the FTW_F & FTW_D one :)
+ * - Use FTW_PHYS to not follow symbolic link.
+ * - Do not use getenv to get the root directory.
+ * - Use argv instead of a DIR variable to get directory to scan.
+ * - Free directory after use when allocated for appending a '/'.
+ * - We do not need __USE_XOPEN_EXTENDED definition.
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#define __USE_XOPEN_EXTENDED
+#include <ftw.h>
+
+#include <sys/stat.h>
+
+/* For NSS managment */
+#include <pwd.h>
+#include <grp.h>
+#include <sys/types.h>
+
+#include <string.h>
+
+
+#ifdef __GNUC__
+#define inline
+#else
+#warning upgrade your so-called system to a real OS such as GNU/Linux
+#endif
+
+/*
+ * Log files
+ */
+static FILE *suid_fd;
+static FILE *sgid_fd;
+static FILE *unowned_user_fd;
+static FILE *unowned_group_fd;
+static FILE *writeable_fd;
+
+static int traverse(const char *file, const struct stat *sb, int flag, struct FTW *s)
+{
+	struct passwd *u_nss_data;
+	struct group *g_nss_data;
+        
+	if (strncmp(file, "//", 2) == 0 )
+                /*
+                 * handle bogus glibc ftw
+                 * else we won't print only one '/' in front of file names
+                 */
+                file++;
+
+        if (strncmp("/proc", file, 5) == 0)
+                return 0;
+        if (strncmp("/dev", file, 4) == 0)
+                return 0;
+        
+	switch (flag) {
+		/*
+                 * Here is a difference with security-check.sh:
+		 * we don't check for regular files only for Set-UID et Set-GID but
+		 * to directories too. Idem for world writable directories ...
+		 */
+
+        case FTW_F:
+                /*
+                 * Regular file
+                 */
+                printf("%s\n", file);
+                
+                /*
+                 * Is writeable check.
+                 */
+		if (sb->st_mode & 0002)
+			fprintf(writeable_fd, "%s\n", file);
+
+                /*
+                 * Is suid root check.
+                 */
+                if ((sb->st_mode & S_ISUID) && (sb->st_uid == 0))
+			fprintf(suid_fd, "%s\n", file);
+
+                /*
+                 * Is suid group check.
+                 */
+                if (sb->st_mode & S_ISGID)
+			fprintf(sgid_fd, "%s\n", file);
+
+        case FTW_D:
+                /*
+                 * Unowned user check.
+                 */
+		u_nss_data = getpwuid(sb->st_uid);
+		if (u_nss_data == NULL)
+			fprintf(unowned_user_fd, "%s\n", file);
+
+                /*
+                 * Unowned group check.
+                 */
+                g_nss_data = getgrgid(sb->st_uid);
+		if (g_nss_data == NULL)
+			fprintf(unowned_group_fd, "%s\n", file);
+		break;
+	}
+	return 0;
+}
+
+/* This function opens all log files */
+__inline__ static void init()
+{
+	static const char *mode = "w+";
+
+        suid_fd = fopen(getenv("SUID_ROOT_TODAY"), mode);
+        if ( ! suid_fd ) {
+                perror("fopen (suid_root_today)");
+                exit(1);
+        }
+        
+        sgid_fd = fopen(getenv("SUID_GROUP_TODAY"), mode);
+        if ( ! sgid_fd ) {
+                perror("fopen (suid_group_today)");
+                exit(1);
+        }
+
+        writeable_fd = fopen(getenv("WRITEABLE_TODAY"), mode);
+        if ( ! writeable_fd ) {
+                perror("fopen (writeable_today)");
+                exit(1);
+        }
+        
+	unowned_user_fd = fopen(getenv("UNOWNED_USER_TODAY"), mode);
+        if ( ! unowned_user_fd ) {
+                perror("fopen (unowned_user_today)");
+                exit(1);
+        }
+        
+        unowned_group_fd = fopen(getenv("UNOWNED_GROUP_TODAY"), mode);
+        if ( ! unowned_group_fd ) {
+                perror("fopen (unowned_group_today)");
+                exit(1);
+        }
+}
+
+int main(int argc, char **argv)
+{
+	char *directory;
+	int res = 0, i;
+        int ctrl = 0;
+
+        if ( argc < 2 ) {
+                fprintf(stderr, "Please give directory as argument.\n");
+                fprintf(stderr, "%s /usr/sbin /sbin\n\n", argv[0]);
+                exit(1);
+        }
+        
+        /* open all log files */
+	init();
+
+        for ( i = 0; i < argc; i++ ) {
+
+                if (strcmp(argv[0], "/") != 0) {
+                        /*
+                         * We need to add a final '/' to the base directory name else the
+                         * FTW_MOUNT option of nftw won't work. i.e. : /mnt/cdrom is on the /
+                         * fs (it is the directory on which a CD is mounted) whereas
+                         * /mnt/cdrom/ is the mounted directory.
+                         * Hopefully, find has the same "bug"
+                         */
+                        
+                        ctrl = 1;
+                        directory = ( char * ) malloc((strlen(argv[i]) + 1));
+                        if ( ! directory ) {
+                                perror("malloc");
+                                exit(1);
+                        }
+                        
+                        strcpy(directory, argv[i]);
+                        strcat(directory, "/");
+                } else directory = argv[i];
+                
+                res = nftw(directory, traverse, (int) 500, FTW_PHYS | FTW_MOUNT | FTW_CHDIR);
+                if ( ctrl ) {
+                        free(directory);
+                        ctrl = 0;
+                }
+        }
+        
+	/*
+         * close all log files
+         */
+        
+	fclose(suid_fd);
+	fclose(sgid_fd);
+	fclose(writeable_fd);
+	fclose(unowned_user_fd);
+	fclose(unowned_group_fd);
+
+        exit(res);
+}
+
+
+
+
+
+
+