authorFrederic Lepied <flepied@mandriva.com>2002-01-22 19:23:18 +0000
committerFrederic Lepied <flepied@mandriva.com>2002-01-22 19:23:18 +0000
commitda66772cfaf407695a5b71baa3ebcada1e88f365 (patch)
tree22ea13e0e6fc8fe29bed159ffe5998a51056ac2f
parentd6a11b7907d3f6099e86f51430df2453bd04e008 (diff)
corrected errors reported by Pierre Fortin's script
-rw-r--r--conf/perm.020
-rw-r--r--conf/perm.117
-rw-r--r--conf/perm.212
-rw-r--r--conf/perm.312
-rw-r--r--conf/perm.426
-rw-r--r--conf/perm.58
-rw-r--r--conf/perm.snf31
7 files changed, 94 insertions, 32 deletions
diff --git a/conf/perm.0 b/conf/perm.0
index f683e4b..773394a 100644
--- a/conf/perm.0
+++ b/conf/perm.0
@@ -25,7 +25,6 @@
/etc/hosts.deny root.root 644
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
-/etc/init.d/ root.root 755
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
@@ -35,6 +34,7 @@
/etc/printcap root.root 644
/etc/profile.d/* root.root 755
/etc/rc.d/ root.root 755
+/etc/rc.d/init.d/ root.root 755
/etc/rc.d/init.d/* root.root 755
/etc/securetty root.root 644
/etc/sendmail.cf root.root 644
@@ -53,16 +53,26 @@
/proc root.root 555
/root/ root.root 755
/sbin/ root.root 755
-/tmp/ root.root 1777
+/tmp/ root.root 777
/usr/ root.root 755
/usr/* root.root 755
/usr/X11R6/ root.root 755
/usr/bin/ root.root 755
+/usr/bin/cc root.root 755
+/usr/bin/finger root.root 755
+/usr/bin/g++* root.root 755
+/usr/bin/gcc* root.root 755
+/usr/bin/ssh root.root 755
+/usr/bin/telnet root.root 755
+/usr/bin/w root.root 755
+/usr/bin/who root.root 755
/usr/lib/rpm/rpm? rpm.rpm 755
/usr/sbin/ root.root 755
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.bin 4755
/usr/share/doc root.root 755
/usr/share/man root.root 755
-/usr/tmp root.root 1777
+/usr/tmp root.root 777
/var/ root.root 755
/var/lock/subsys root.root 755
/var/log/ root.root 755
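Review bot: The new modes for `/tmp/` and `/usr/tmp` in this hunk, and for `/var/tmp` in the next perm.0 hunk, drop the sticky bit by going from `1777` to `777`. On a world-writable directory without the sticky bit, any local user can delete or rename files owned by other users, which undermines every program that keeps temporary files there. perm.1 in this same commit moves `/usr/tmp` and `/var/tmp` to `1777`, so even the lowest level should probably keep `/tmp/ root.root 1777`, `/usr/tmp root.root 1777` and `/var/tmp root.root 1777`.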
@@ -70,5 +80,5 @@
/var/log/*/* current 644
/var/log/*/*/* current 644
/var/log/*/. current 755
-/var/spool/mail/ root.mail 771
-/var/tmp root.root 1777
+/var/spool/mail/ root.mail 2775
+/var/tmp root.root 777
diff --git a/conf/perm.1 b/conf/perm.1
index 0441e0d..587c329 100644
--- a/conf/perm.1
+++ b/conf/perm.1
@@ -25,7 +25,6 @@
/etc/hosts.deny root.root 644
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
-/etc/init.d/ root.root 755
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
@@ -35,6 +34,7 @@
/etc/printcap root.root 644
/etc/profile.d/* root.root 755
/etc/rc.d/ root.root 755
+/etc/rc.d/init.d/ root.root 755
/etc/rc.d/init.d/* root.root 744
/etc/rc.d/init.d/mandrake_consmap root.root 755
/etc/securetty root.root 644
@@ -56,13 +56,24 @@
/sbin/ root.root 755
/tmp/ root.root 1777
/usr/ root.root 755
+/usr/* root.root 755
/usr/X11R6/ root.root 755
/usr/bin/ root.root 755
+/usr/bin/cc root.root 755
+/usr/bin/finger root.root 755
+/usr/bin/g++* root.root 755
+/usr/bin/gcc* root.root 755
+/usr/bin/ssh root.root 755
+/usr/bin/telnet root.root 755
+/usr/bin/w root.root 755
+/usr/bin/who root.root 755
/usr/lib/rpm/rpm? rpm.rpm 755
/usr/sbin/ root.root 755
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.bin 4755
/usr/share/doc root.root 755
/usr/share/man root.root 755
-/usr/tmp root.root 2777
+/usr/tmp root.root 1777
/var/ root.root 755
/var/lock/subsys root.root 755
/var/log/ root.root 755
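Review bot: `/usr/sbin/traceroute root.bin 4755` adds a setuid-root binary that every local user can run, and nothing in the file records why the bit is needed. The same line is added in perm.0, perm.2 and perm.3, and perm.5 changes an existing `750` entry to `4750`. perm.4 shows that these files accept `#` comments, so a line such as `# traceroute is setuid root because it needs raw sockets` above the entry would tell an auditor the bit is deliberate. The group is `bin` here but `ntools` in perm.4, perm.5 and perm.snf; with mode `4755` the group has no effect, so `root.root` would match the neighbouring entries.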
@@ -71,4 +82,4 @@
/var/log/*/*/* current 644
/var/log/*/. current 755
/var/spool/mail/ root.mail 2775
-/var/tmp root.root 2777
+/var/tmp root.root 1777
diff --git a/conf/perm.2 b/conf/perm.2
index 1adbfe1..5e406a0 100644
--- a/conf/perm.2
+++ b/conf/perm.2
@@ -25,7 +25,6 @@
/etc/hosts.deny root.root 644
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
-/etc/init.d/ root.root 755
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
@@ -35,6 +34,7 @@
/etc/printcap root.root 644
/etc/profile.d/* root.root 755
/etc/rc.d/ root.root 755
+/etc/rc.d/init.d/ root.root 755
/etc/rc.d/init.d/* root.root 744
/etc/rc.d/init.d/mandrake_consmap root.root 755
/etc/securetty root.root 644
@@ -59,8 +59,18 @@
/usr/* root.root 755
/usr/X11R6/ root.root 755
/usr/bin/ root.root 755
+/usr/bin/cc root.root 755
+/usr/bin/finger root.root 755
+/usr/bin/g++* root.root 755
+/usr/bin/gcc* root.root 755
+/usr/bin/ssh root.root 755
+/usr/bin/telnet root.root 755
+/usr/bin/w root.root 755
+/usr/bin/who root.root 755
/usr/lib/rpm/rpm? rpm.rpm 755
/usr/sbin/ root.root 755
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.bin 4755
/usr/share/doc root.root 755
/usr/share/man root.root 755
/usr/tmp root.root 1777
diff --git a/conf/perm.3 b/conf/perm.3
index 2613d1a..fb7ff26 100644
--- a/conf/perm.3
+++ b/conf/perm.3
@@ -25,7 +25,6 @@
/etc/hosts.deny root.root 644
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
-/etc/init.d/ root.root 755
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
@@ -35,6 +34,7 @@
/etc/printcap root.root 644
/etc/profile.d/* root.root 755
/etc/rc.d/ root.root 755
+/etc/rc.d/init.d/ root.root 755
/etc/rc.d/init.d/* root.root 700
/etc/rc.d/init.d/mandrake_consmap root.root 755
/etc/securetty root.root 644
@@ -59,8 +59,18 @@
/usr/* root.root 755
/usr/X11R6/ root.root 755
/usr/bin/ root.root 755
+/usr/bin/cc root.root 755
+/usr/bin/finger root.root 755
+/usr/bin/g++* root.root 755
+/usr/bin/gcc* root.root 755
+/usr/bin/ssh root.root 755
+/usr/bin/telnet root.root 755
+/usr/bin/w root.root 755
+/usr/bin/who root.root 755
/usr/lib/rpm/rpm? rpm.rpm 755
/usr/sbin/ root.root 755
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.bin 4755
/usr/share/doc root.root 755
/usr/share/man root.root 755
/usr/tmp root.root 1777
diff --git a/conf/perm.4 b/conf/perm.4
index 2f24171..4e7a97a 100644
--- a/conf/perm.4
+++ b/conf/perm.4
@@ -1,8 +1,8 @@
# Welcome in Level 4, aka secure & usable.
###
/ root.adm 751
-/bin/ root.root 4755
-/bin/ping root.root 755
+/bin/ root.adm 751
+/bin/ping root.ntools 4750
/bin/rpm rpm.rpm 750
/boot/ root.root 700
/dev/ root.root 711
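Review bot: `/bin/ping root.ntools 4750` depends on a group `ntools` that nothing in this hunk defines, and the later perm.4 hunk introduces `ctools` the same way for the compilers. If the group is missing where the file is applied, the ownership change presumably fails, and if it exists but has no members only root can run ping; neither case is documented. A header comment such as `# ntools: users allowed to run network clients; ctools: users allowed to run compilers` would state the assumption. The same applies to the matching entries in perm.snf.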
@@ -39,7 +39,7 @@
/etc/rc.d/init.d/mandrake_consmap root.adm 755
/etc/securetty root.root 640
/etc/sendmail.cf root.adm 640
-/etc/shutdown.allow root.root 600
+/etc/shutdown.allow root.adm 640
/etc/ssh/ssh_config root.root 644
/etc/ssh/ssh_host_*key root.adm 600
/etc/ssh/ssh_host_*key.pub root.adm 644
@@ -54,22 +54,32 @@
/proc root.kmem 550
/root/ root.root 700
/sbin/ root.adm 751
-/tmp/ root.root 1777
+/tmp/ root.adm 1773
/usr/ root.adm 751
/usr/* root.adm 751
/usr/X11R6/ root.xgrp 751
/usr/bin/ root.adm 751
+/usr/bin/cc root.ctools 750
+/usr/bin/finger root.ntools 750
+/usr/bin/g++* root.ctools 750
+/usr/bin/gcc* root.ctools 750
+/usr/bin/ssh root.ntools 750
+/usr/bin/telnet root.ntools 750
+/usr/bin/w root.ntools 750
+/usr/bin/who root.ntools 750
/usr/lib/rpm/rpm? rpm.rpm 750
/usr/sbin/ root.adm 751
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.ntools 4750
/usr/share/doc rpm.rpm 750
/usr/share/man rpm.rpm 750
-/usr/tmp root.root 1777
+/usr/tmp root.adm 1773
/var/ root.root 755
-/var/lock/subsys root.root 700
-/var/log/ root.root 711
+/var/lock/subsys root.adm 750
+/var/log/ root.adm 751
/var/log/* root.root 600
/var/log/*/* current 600
/var/log/*/*/* current 600
/var/log/*/. current 700
/var/spool/mail/ root.mail 771
-/var/tmp root.root 1777
+/var/tmp root.adm 1773
diff --git a/conf/perm.5 b/conf/perm.5
index a1d7e1f..756c27a 100644
--- a/conf/perm.5
+++ b/conf/perm.5
@@ -54,7 +54,7 @@
/proc root.kmem 550
/root/ root.root 700
/sbin/ root.root 711
-/tmp/ root.root 1777
+/tmp/ root.root 1733
/usr/ root.root 711
/usr/* root.root 711
/usr/X11R6/ root.xgrp 710
@@ -70,10 +70,10 @@
/usr/lib/rpm/rpm? rpm.rpm 750
/usr/sbin/ root.root 711
/usr/sbin/sendmail root.root 755
-/usr/sbin/traceroute root.ntools 750
+/usr/sbin/traceroute root.ntools 4750
/usr/share/doc rpm.rpm 710
/usr/share/man rpm.rpm 710
-/usr/tmp root.root 1777
+/usr/tmp root.root 1733
/var/ root.root 755
/var/lock/subsys root.root 700
/var/log/ root.root 711
@@ -82,4 +82,4 @@
/var/log/*/*/* current 600
/var/log/*/. current 700
/var/spool/mail/ root.mail 771
-/var/tmp root.root 1777
+/var/tmp root.root 1733
diff --git a/conf/perm.snf b/conf/perm.snf
index a06bdc4..0a42815 100644
--- a/conf/perm.snf
+++ b/conf/perm.snf
@@ -1,8 +1,8 @@
# Welcome in Level 4, aka secure & usable.
###
/ root.adm 751
-/bin/ root.root 711
-/bin/ping root.root 755
+/bin/ root.adm 751
+/bin/ping root.ntools 4750
/bin/rpm rpm.rpm 750
/boot/ root.root 700
/dev/ root.root 711
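Review bot: The header of perm.snf still reads `# Welcome in Level 4, aka secure & usable.`, which is the perm.4 header, although this file carries entries the perm.4 hunks do not show, such as `/var/lib/naat` and `/var/www-naat`. Someone auditing an installed system cannot tell from the comment which profile was applied. The comment should name the profile, for example `# perm.snf: based on Level 4, with additional entries`. The header line is context here, not part of the change.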
@@ -33,17 +33,18 @@
/etc/motd root.adm 644
/etc/printcap root.lp 640
/etc/profile.d/* root.root 755
-/etc/rc.d/ root.adm 640
+/etc/rc.d/ root.adm 750
/etc/rc.d/init.d/ root.adm 750
+/etc/rc.d/init.d/* root.adm 740
/etc/rc.d/init.d/mandrake_consmap root.adm 755
-/etc/rc.d/init.d/syslog root.adm 740
/etc/securetty root.root 640
/etc/sendmail.cf root.adm 640
-/etc/shutdown.allow root.root 600
+/etc/shutdown.allow root.adm 640
/etc/ssh/ssh_config root.root 644
/etc/ssh/ssh_host_*key root.adm 600
/etc/ssh/ssh_host_*key.pub root.adm 644
/etc/ssh/sshd_config root.adm 640
+/etc/sysconfig root.adm 751
/etc/syslog.conf root.adm 640
/etc/updatedb.conf root.adm 640
/home/ root.adm 751
@@ -53,25 +54,35 @@
/proc root.kmem 550
/root/ root.root 700
/sbin/ root.adm 751
-/tmp/ root.root 1777
+/tmp/ root.adm 1773
/usr/ root.adm 751
/usr/* root.adm 751
/usr/X11R6/ root.xgrp 751
/usr/bin/ root.adm 751
+/usr/bin/cc root.ctools 750
+/usr/bin/finger root.ntools 750
+/usr/bin/g++* root.ctools 750
+/usr/bin/gcc* root.ctools 750
+/usr/bin/ssh root.ntools 750
+/usr/bin/telnet root.ntools 750
+/usr/bin/w root.ntools 750
+/usr/bin/who root.ntools 750
/usr/lib/rpm/rpm? rpm.rpm 750
/usr/sbin/ root.adm 751
+/usr/sbin/sendmail root.root 755
+/usr/sbin/traceroute root.ntools 4750
/usr/share/doc rpm.rpm 750
/usr/share/man rpm.rpm 750
-/usr/tmp root.root 1777
+/usr/tmp root.adm 1773
/var/ root.root 755
/var/lib/monitoring root.root 751
/var/lib/naat root.admin 2770
-/var/lock/subsys root.root 700
-/var/log/ root.root 711
+/var/lock/subsys root.adm 750
+/var/log/ root.adm 751
/var/log/* root.root 600
/var/log/*/* current 600
/var/log/*/*/* current 600
/var/log/*/. current 700
/var/spool/mail/ root.mail 771
-/var/tmp root.root 1777
+/var/tmp root.adm 1773
/var/www-naat httpd-naat.admin 750