aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrederic Lepied <flepied@mandriva.com>2002-08-30 12:20:34 +0000
committerFrederic Lepied <flepied@mandriva.com>2002-08-30 12:20:34 +0000
commite4887d67549570e45a384c1c6ea2968710b70527 (patch)
treefe9489267347a5fcca54651ade298fb908af3072
parent89cbae7ddfea0a55656c639da86a7f931c7a6ff1 (diff)
downloadmsec-e4887d67549570e45a384c1c6ea2968710b70527.tar
msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.gz
msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.bz2
msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.xz
msec-e4887d67549570e45a384c1c6ea2968710b70527.zip
writeable => writable
-rwxr-xr-xcron-sh/diff_check.sh48
-rwxr-xr-xcron-sh/security.sh16
-rwxr-xr-xcron-sh/security_check.sh30
-rw-r--r--doc/msec.lyx8
-rw-r--r--doc/security.txt8
-rwxr-xr-xinit-sh/custom.sh4
-rwxr-xr-xinit-sh/level1.sh2
-rw-r--r--msec.spec22
-rw-r--r--share/README2
-rw-r--r--share/libmsec.py3
-rwxr-xr-xshare/msec.py2
-rw-r--r--src/msec_find/find.c14
12 files changed, 90 insertions, 69 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh
index bccfc44..ac7c10c 100755
--- a/cron-sh/diff_check.sh
+++ b/cron-sh/diff_check.sh
@@ -28,10 +28,10 @@ if [[ ${CHECK_SUID_ROOT} == yes ]]; then
if ! diff -u ${SUID_ROOT_YESTERDAY} ${SUID_ROOT_TODAY} > ${SUID_ROOT_DIFF}; then
printf "\nSecurity Warning: Change in Suid Root files found :\n" >> ${TMP}
grep '^+' ${SUID_ROOT_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly added suid root file : ${file}\n"
+ printf "\t\t- Newly added suid root file : ${file}\n"
done >> ${TMP}
grep '^-' ${SUID_ROOT_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present suid root file : ${file}\n"
+ printf "\t\t- No longer present suid root file : ${file}\n"
done >> ${TMP}
fi
fi
@@ -45,10 +45,10 @@ if [[ ${CHECK_SUID_GROUP} == yes ]]; then
if ! diff -u ${SUID_GROUP_YESTERDAY} ${SUID_GROUP_TODAY} > ${SUID_GROUP_DIFF}; then
printf "\nSecurity Warning: Changes in Sgid files found :\n" >> ${TMP}
grep '^+' ${SUID_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly added sgid file : ${file}\n"
+ printf "\t\t- Newly added sgid file : ${file}\n"
done >> ${TMP}
grep '^-' ${SUID_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present sgid file : ${file}\n"
+ printf "\t\t- No longer present sgid file : ${file}\n"
done >> ${TMP}
fi
fi
@@ -56,17 +56,17 @@ if [[ ${CHECK_SUID_GROUP} == yes ]]; then
fi
### Writable files detection
-if [[ ${CHECK_WRITEABLE} == yes ]]; then
+if [[ ${CHECK_WRITABLE} == yes ]]; then
- if [[ -f ${WRITEABLE_YESTERDAY} ]]; then
- diff -u ${WRITEABLE_YESTERDAY} ${WRITEABLE_TODAY} > ${WRITEABLE_DIFF}
- if [ -s ${WRITEABLE_DIFF} ]; then
- printf "\nSecurity Warning: Change in World Writeable Files found :\n" >> ${TMP}
- grep '^+' ${WRITEABLE_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly added writables files : ${file}\n"
+ if [[ -f ${WRITABLE_YESTERDAY} ]]; then
+ diff -u ${WRITABLE_YESTERDAY} ${WRITABLE_TODAY} > ${WRITABLE_DIFF}
+ if [ -s ${WRITABLE_DIFF} ]; then
+ printf "\nSecurity Warning: Change in World Writable Files found :\n" >> ${TMP}
+ grep '^+' ${WRITABLE_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
+ printf "\t\t- Newly added writable file : ${file}\n"
done >> ${TMP}
- grep '^-' ${WRITEABLE_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present writables file : ${file}\n"
+ grep '^-' ${WRITABLE_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
+ printf "\t\t- No longer present writable file : ${file}\n"
done >> ${TMP}
fi
fi
@@ -81,10 +81,10 @@ if [[ ${CHECK_UNOWNED} == yes ]]; then
if [ -s ${UNOWNED_USER_DIFF} ]; then
printf "\nSecurity Warning: the following files aren't owned by an user :\n" >> ${TMP}
grep '^+' ${UNOWNED_USER_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly added un-owned file : ${file}\n"
+ printf "\t\t- Newly added un-owned file : ${file}\n"
done >> ${TMP}
grep '^-' ${UNOWNED_USER_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present un-owned file : ${file}\n"
+ printf "\t\t- No longer present un-owned file : ${file}\n"
done >> ${TMP}
fi
fi
@@ -94,10 +94,10 @@ if [[ ${CHECK_UNOWNED} == yes ]]; then
if [ -s ${UNOWNED_GROUP_DIFF} ]; then
printf "\nSecurity Warning: the following files aren't owned by a group :\n" >> ${TMP}
grep '^+' ${UNOWNED_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly added un-owned file : ${file}\n"
+ printf "\t\t- Newly added un-owned file : ${file}\n"
done >> ${TMP}
grep '^-' ${UNOWNED_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present un-owned file : ${file}\n"
+ printf "\t\t- No longer present un-owned file : ${file}\n"
done >> ${TMP}
fi
fi
@@ -118,7 +118,7 @@ if [[ ${CHECK_SUID_MD5} == yes ]]; then
printf "\tmaybe an intruder modified one of these suid binary in order to put in a backdoor...\n" >> ${TMP}
ctrl_md5=1;
fi
- printf "\t\t- Checksum changed files : ${file}\n"
+ printf "\t\t- Checksum changed file : ${file}\n"
fi
done >> ${TMP}
fi
@@ -151,10 +151,10 @@ if [[ ${RPM_CHECK} == yes ]]; then
if [ -s ${RPM_QA_DIFF} ]; then
printf "\nSecurity Warning: These packages have changed on the system :\n" >> ${TMP}
grep '^+' ${RPM_QA_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly installed package : ${file}\n"
+ printf "\t\t- Newly installed package : ${file}\n"
done >> ${TMP}
grep '^-' ${RPM_QA_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more present package : ${file}\n"
+ printf "\t\t- No longer present package : ${file}\n"
done >> ${TMP}
fi
fi
@@ -163,10 +163,10 @@ if [[ ${RPM_CHECK} == yes ]]; then
if [ -s ${RPM_VA_DIFF} ]; then
printf "\nSecurity Warning: These files belonging to packages have changed of status on the system :\n" >> ${TMP}
grep '^+' ${RPM_VA_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly modified : ${file}\n"
+ printf "\t\t- Newly modified : ${file}\n"
done >> ${TMP}
grep '^-' ${RPM_VA_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more modified : ${file}\n"
+ printf "\t\t- No longer modified : ${file}\n"
done >> ${TMP}
fi
fi
@@ -175,10 +175,10 @@ if [[ ${RPM_CHECK} == yes ]]; then
if [ -s ${RPM_VA_CONFIG_DIFF} ]; then
printf "\nSecurity Warning: These config files belonging to packages have changed of status on the system :\n" >> ${TMP}
grep '^+' ${RPM_VA_CONFIG_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
- printf "\t\t- Newly modified : ${file}\n"
+ printf "\t\t- Newly modified : ${file}\n"
done >> ${TMP}
grep '^-' ${RPM_VA_CONFIG_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
- printf "\t\t- No more modified : ${file}\n"
+ printf "\t\t- No longer modified : ${file}\n"
done >> ${TMP}
fi
fi
diff --git a/cron-sh/security.sh b/cron-sh/security.sh
index 2828f71..7c51395 100755
--- a/cron-sh/security.sh
+++ b/cron-sh/security.sh
@@ -49,9 +49,9 @@ SUID_MD5_DIFF="/var/log/security/suid_md5.diff"
export OPEN_PORT_TODAY="/var/log/security/open_port.today"
OPEN_PORT_YESTERDAY="/var/log/security/open_port.yesterday"
OPEN_PORT_DIFF="/var/log/security/open_port.diff"
-export WRITEABLE_TODAY="/var/log/security/writeable.today"
-WRITEABLE_YESTERDAY="/var/log/security/writeable.yesterday"
-WRITEABLE_DIFF="/var/log/security/writeable.diff"
+export WRITABLE_TODAY="/var/log/security/writable.today"
+WRITABLE_YESTERDAY="/var/log/security/writable.yesterday"
+WRITABLE_DIFF="/var/log/security/writable.diff"
export UNOWNED_USER_TODAY="/var/log/security/unowned_user.today"
UNOWNED_USER_YESTERDAY="/var/log/security/unowned_user.yesterday"
UNOWNED_USER_DIFF="/var/log/security/unowned_user.diff"
@@ -91,8 +91,8 @@ if [[ -f ${SUID_GROUP_TODAY} ]]; then
mv ${SUID_GROUP_TODAY} ${SUID_GROUP_YESTERDAY};
fi
-if [[ -f ${WRITEABLE_TODAY} ]]; then
- mv ${WRITEABLE_TODAY} ${WRITEABLE_YESTERDAY};
+if [[ -f ${WRITABLE_TODAY} ]]; then
+ mv ${WRITABLE_TODAY} ${WRITABLE_YESTERDAY};
fi
if [[ -f ${UNOWNED_USER_TODAY} ]]; then
@@ -142,9 +142,9 @@ if [[ -f ${SUID_GROUP_TODAY} ]]; then
mv -f ${SUID_GROUP_TODAY}.tmp ${SUID_GROUP_TODAY}
fi
-if [[ -f ${WRITEABLE_TODAY} ]]; then
- sort < ${WRITEABLE_TODAY} | egrep -v '^(/var)?/tmp$' > ${WRITEABLE_TODAY}.tmp
- mv -f ${WRITEABLE_TODAY}.tmp ${WRITEABLE_TODAY}
+if [[ -f ${WRITABLE_TODAY} ]]; then
+ sort < ${WRITABLE_TODAY} | egrep -v '^(/var)?/tmp$' > ${WRITABLE_TODAY}.tmp
+ mv -f ${WRITABLE_TODAY}.tmp ${WRITABLE_TODAY}
fi
if [[ -f ${UNOWNED_USER_TODAY} ]]; then
diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh
index 1e9b5cc..dbac4f4 100755
--- a/cron-sh/security_check.sh
+++ b/cron-sh/security_check.sh
@@ -28,11 +28,11 @@ if [[ ! -d /var/log/security ]]; then
mkdir /var/log/security
fi
-### Writeable file detection
-if [[ ${CHECK_WRITEABLE} == yes ]]; then
- if [[ -s ${WRITEABLE_TODAY} ]]; then
- printf "\nSecurity Warning: World Writeable files found :\n" >> ${SECURITY}
- cat ${WRITEABLE_TODAY} | awk '{print "\t\t- " $0}' >> ${SECURITY}
+### Writable file detection
+if [[ ${CHECK_WRITABLE} == yes ]]; then
+ if [[ -s ${WRITABLE_TODAY} ]]; then
+ printf "\nSecurity Warning: World Writable files found :\n" >> ${SECURITY}
+ cat ${WRITABLE_TODAY} | awk '{print "\t\t- " $0}' >> ${SECURITY}
fi
fi
@@ -76,16 +76,16 @@ done | awk '$1 != $6 && $6 != "0" \
$4 ~ /^-......r/ \
{ print "\t\t- " $3 " : file is other readable." }
$4 ~ /^-....w/ \
- { print "\t\t- " $3 " : file is group writeable." }
+ { print "\t\t- " $3 " : file is group writable." }
$4 ~ /^-.......w/ \
- { print "\t\t- " $3 " : file is other writeable." }' > ${TMP}
+ { print "\t\t- " $3 " : file is other writable." }' > ${TMP}
if [[ -s ${TMP} ]]; then
printf "\nSecurity Warning: these files shouldn't be owned by someone else or readable :\n" >> ${SECURITY}
cat ${TMP} >> ${SECURITY}
fi
-### Files that should not be owned by someone else or writeable.
+### Files that should not be owned by someone else or writable.
list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \
.forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \
.nexrc .screenrc .ssh .ssh/config .ssh/authorized_keys .ssh/environment \
@@ -101,16 +101,16 @@ while read username uid homedir; do
done | awk '$1 != $6 && $6 != "0" \
{ print "\t\t- " $3 " : file is owned by uid " $6 "." }
$4 ~ /^.....w/ \
- { print "\t\t- " $3 " : file is group writeable." }
+ { print "\t\t- " $3 " : file is group writable." }
$4 ~ /^........w/ \
- { print "\t\t- " $3 " : file is other writeable." }' > ${TMP}
+ { print "\t\t- " $3 " : file is other writable." }' > ${TMP}
if [[ -s ${TMP} ]]; then
- printf "\nSecurity Warning: theses files should not be owned by someone else or writeable :\n" >> ${SECURITY}
+ printf "\nSecurity Warning: theses files should not be owned by someone else or writable :\n" >> ${SECURITY}
cat ${TMP} >> ${SECURITY}
fi
-### Check home directories. Directories should not be owned by someone else or writeable.
+### Check home directories. Directories should not be owned by someone else or writable.
awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' /etc/passwd | \
while read username uid homedir; do
if [[ -d ${homedir} ]] ; then
@@ -122,12 +122,12 @@ while read username uid homedir; do
done | awk '$3 != $5 && $5 != "(0)" \
{ print "user=" $2 $3 " : home directory is owned by " $4 $5 "." }
$1 ~ /^d....w/ && $2 != "lp" && $2 != "mail" \
- { print "user=" $2 $3" : home directory is group writeable." }
+ { print "user=" $2 $3" : home directory is group writable." }
$1 ~ /^d.......w/ \
- { print "user=" $2 $3" : home directory is other writeable." }' > ${TMP}
+ { print "user=" $2 $3" : home directory is other writable." }' > ${TMP}
if [[ -s $TMP ]] ; then
- printf "\nSecurity Warning: these home directory should not be owned by someone else or writeable :\n" >> ${SECURITY}
+ printf "\nSecurity Warning: these home directory should not be owned by someone else or writable :\n" >> ${SECURITY}
cat ${TMP} >> ${SECURITY}
fi
fi # End of check perms
diff --git a/doc/msec.lyx b/doc/msec.lyx
index 4ec3de4..a906910 100644
--- a/doc/msec.lyx
+++ b/doc/msec.lyx
@@ -295,7 +295,7 @@ warnings dispatching,
periodicall security checks:
\layout Quotation
-- on files: suid root, writeable, unowned;
+- on files: suid root, writable, unowned;
\layout Quotation
- listening ports: active, promiscuous;
@@ -758,7 +758,7 @@ Suid root file md5sum check
\newline
*
\newline
-Writeable file check
+Writable file check
\newline
\newline
@@ -984,7 +984,7 @@ Suid root file check
Suid root file md5sum check
\layout Itemize
-Writeable file check
+Writable file check
\layout Itemize
Suid group file check
@@ -1160,7 +1160,7 @@ Checks the md5sum signature of each suid root file that is on the system.
A warning is then issued.
\layout Subsection
-Writeable file check
+Writable file check
\layout Standard
Check wether files are world writable on the system.
diff --git a/doc/security.txt b/doc/security.txt
index 8ab5a16..be5ab30 100644
--- a/doc/security.txt
+++ b/doc/security.txt
@@ -24,7 +24,7 @@ Security level 2 ( Aka normal system ) :
- Global security check
- Suid root file check
- Suid root file md5sum check
-- Writeable file check
+- Writable file check
- Warning in syslog
- Warning in /var/log/security.log
@@ -41,7 +41,7 @@ Security level 3 ( Aka more secure system ) :
- Suid root file check
- Suid root file md5sum check
- Suid group file check
-- Writeable file check
+- Writable file check
- Unowned file check
- Promiscuous check
- Listening port check
@@ -69,7 +69,7 @@ Security level 4 ( Aka Secured system ) :
- Suid root file check
- Suid root file md5sum check
- Suid group file check
-- Writeable file check
+- Writable file check
- Unowned file check
- Promiscuous check
- Listening port check
@@ -120,7 +120,7 @@ Security level 5 ( Aka Paranoid system ) :
- Suid root file check
- Suid root file md5sum check
- Suid group file check
-- Writeable file check
+- Writable file check
- Unowned file check
- Promiscuous check
- Listening port check
diff --git a/init-sh/custom.sh b/init-sh/custom.sh
index dd8b9a5..b22f96f 100755
--- a/init-sh/custom.sh
+++ b/init-sh/custom.sh
@@ -143,10 +143,10 @@ if [[ ${answer} == yes ]]; then
fi
###
-echo "Do you want your system to daily check Writeable file change ?"
+echo "Do you want your system to daily check Writable file change ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
- AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf
+ AddRules "CHECK_WRITABLE=yes" /etc/security/msec/security.conf
WRITE_CRON="true"
fi
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index a40a22e..ce6b2d7 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -41,7 +41,7 @@ echo -e "\t- Check suid root file integrity (backdoor check) : no."
echo -e "\t- Check suid group file : no."
AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check world writable file : no."
- AddRules "CHECK_WRITEABLE=no" /etc/security/msec/security.conf quiet
+ AddRules "CHECK_WRITABLE=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check unowned file : no."
AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check promiscuous mode : no."
diff --git a/msec.spec b/msec.spec
index 1d6cb1d..870bb39 100644
--- a/msec.spec
+++ b/msec.spec
@@ -1,6 +1,6 @@
Summary: Security Level & Program for the Mandrake Linux distribution
Name: msec
-Version: 0.34.2
+Version: 0.34.3
Release: 1mdk
Url: http://www.linux-mandrake.com/
Source0: %{name}-%{version}.tar.bz2
@@ -83,8 +83,24 @@ touch $RPM_BUILD_ROOT/var/log/security.log
touch /var/log/security.log
if [ $1 != 1 ]; then
+ # manage spelling change
+ if [ -f /etc/security/msec/level.local ]; then
+ perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/level.local
+ fi
+ if [ -f /etc/security/msec/security.conf ]; then
+ perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/security.conf
+ fi
+ for ext in today yesterday diff; do
+ if [ -f /var/log/security/writeable.$ext ]; then
+ mv -f /var/log/security/writeable.$ext /var/log/security/writable.$ext
+ fi
+ done
+
+ # find secure level
SL=$SECURE_LEVEL
[ ! -r /etc/sysconfig/msec ] || SL=`sed -n 's/SECURE_LEVEL=//p' < /etc/sysconfig/msec` || :
+
+ # upgrade from old style msec or rerun the new msec
if grep -q "# Mandrake-Security : if you remove this comment" /etc/profile; then
[ -z "$SL" -a -r /etc/profile.d/msec.sh ] && SL=`sed -n 's/.*SECURE_LEVEL=//p' < /etc/profile.d/msec.sh` || :
/usr/share/msec/cleanold.sh || :
@@ -92,6 +108,7 @@ if [ $1 != 1 ]; then
else
[ -n "$SL" ] && msec < /dev/null || :
fi
+
# remove the old way of doing the daily cron
rm -f /etc/cron.d/msec
fi
@@ -135,6 +152,9 @@ rm -rf $RPM_BUILD_ROOT
# MAKE THE CHANGES IN CVS: NO PATCH OR SOURCE ALLOWED
%changelog
+* Thu Aug 29 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.3-1mdk
+- Corrected spelling errors thx to David Relson
+
* Tue Aug 27 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.2-1mdk
- fixed /boot as suggested by Guillaume Rousse.
diff --git a/share/README b/share/README
index 8d908e7..664d66b 100644
--- a/share/README
+++ b/share/README
@@ -47,7 +47,7 @@ CHECK_PERMS no no no yes yes yes
CHECK_SUID_ROOT no no yes yes yes yes
CHECK_SUID_MD5 no no yes yes yes yes
CHECK_SUID_GROUP no no yes yes yes yes
-CHECK_WRITEABLE no no yes yes yes yes
+CHECK_WRITABLE no no yes yes yes yes
CHECK_UNOWNED no no no no yes yes
CHECK_PROMISC no no no no yes yes
CHECK_OPEN_PORT no no no yes yes yes
diff --git a/share/libmsec.py b/share/libmsec.py
index d67bc12..ccd1f1d 100644
--- a/share/libmsec.py
+++ b/share/libmsec.py
@@ -156,6 +156,7 @@ is used by chkconfig --add to decide to add a service if it is present in the fi
during the installation of packages.'''
level = get_server_level()
server = ConfigFile.get_config_file(SERVER)
+ print 'create_server_link', level, server.exists()
if level in ('0', '1', '2', '3'):
_interactive and log(_('Allowing chkconfig --add from rpm'))
server.exists() and server.unlink()
@@ -1207,7 +1208,7 @@ RPM_CHECK if set to yes, run some checks against the rpm database.
TTY_WARN if set to yes, reports check result to tty.
-CHECK_WRITEABLE if set to yes, check files/directories writable by everybody.
+CHECK_WRITABLE if set to yes, check files/directories writable by everybody.
MAIL_WARN if set to yes, report check result by mail.
diff --git a/share/msec.py b/share/msec.py
index 4280228..f53ed4f 100755
--- a/share/msec.py
+++ b/share/msec.py
@@ -233,7 +233,7 @@ FILE_CHECKS = {'CHECK_SECURITY' : ('no', 'yes', 'yes', 'yes', 'yes', 'yes',
'CHECK_SUID_ROOT' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_SUID_MD5' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_SUID_GROUP' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
- 'CHECK_WRITEABLE' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
+ 'CHECK_WRITABLE' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_UNOWNED' : ('no', 'no', 'no', 'no', 'yes', 'yes', ),
'CHECK_PROMISC' : ('no', 'no', 'no', 'no', 'yes', 'yes', ),
'CHECK_OPEN_PORT' : ('no', 'no', 'no', 'yes', 'yes', 'yes', ),
diff --git a/src/msec_find/find.c b/src/msec_find/find.c
index b1fb2d2..f0446d4 100644
--- a/src/msec_find/find.c
+++ b/src/msec_find/find.c
@@ -62,7 +62,7 @@ static FILE *suid_fd;
static FILE *sgid_fd;
static FILE *unowned_user_fd;
static FILE *unowned_group_fd;
-static FILE *writeable_fd;
+static FILE *writable_fd;
static int traverse(const char *file, const struct stat *sb, int flag, struct FTW *s)
{
@@ -105,10 +105,10 @@ static int traverse(const char *file, const struct stat *sb, int flag, struct FT
*/
case FTW_D:
/*
- * Is world writeable check.
+ * Is world writable check.
*/
if (sb->st_mode & 0002)
- fprintf(writeable_fd, "%s\n", file);
+ fprintf(writable_fd, "%s\n", file);
/*
* Unowned user check.
@@ -145,9 +145,9 @@ __inline__ static void init()
exit(1);
}
- writeable_fd = fopen(getenv("WRITEABLE_TODAY"), mode);
- if ( ! writeable_fd ) {
- perror("fopen (writeable_today)");
+ writable_fd = fopen(getenv("WRITABLE_TODAY"), mode);
+ if ( ! writable_fd ) {
+ perror("fopen (writable_today)");
exit(1);
}
@@ -213,7 +213,7 @@ int main(int argc, char **argv)
fclose(suid_fd);
fclose(sgid_fd);
- fclose(writeable_fd);
+ fclose(writable_fd);
fclose(unowned_user_fd);
fclose(unowned_group_fd);