aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorin Grad <florin@mandriva.com>2001-11-07 15:11:45 +0000
committerFlorin Grad <florin@mandriva.com>2001-11-07 15:11:45 +0000
commite2cb9b7f53c40e3db8767bd0eb855384d51b3320 (patch)
tree94a6a4795533e182233cef97ce20f6f812e07651
parent331e4653468699a476fc4cbca8317ae019aabc75 (diff)
downloadmsec-e2cb9b7f53c40e3db8767bd0eb855384d51b3320.tar
msec-e2cb9b7f53c40e3db8767bd0eb855384d51b3320.tar.gz
msec-e2cb9b7f53c40e3db8767bd0eb855384d51b3320.tar.bz2
msec-e2cb9b7f53c40e3db8767bd0eb855384d51b3320.tar.xz
msec-e2cb9b7f53c40e3db8767bd0eb855384d51b3320.zip
new entry
-rw-r--r--conf/perm.35
-rw-r--r--conf/perm.45
-rw-r--r--conf/perm.55
-rw-r--r--conf/perm.snf72
4 files changed, 72 insertions, 15 deletions
diff --git a/conf/perm.3 b/conf/perm.3
index 5fe91f7..52322e2 100644
--- a/conf/perm.3
+++ b/conf/perm.3
@@ -65,8 +65,3 @@
/var/log/security/* root.root 600
/var/spool/mail/ root.mail 2775
/var/tmp root.root 1777
-/var/lib/monitoring httpd-naat.admin 2770
-/var/lib/naat root.admin 2770
-/var/log/httpd-naat httpd-naat.admin 750
-/var/www-naat httpd-naat.admin 750
-/var/log/snort snort.snort 750
diff --git a/conf/perm.4 b/conf/perm.4
index 848054b..38123b3 100644
--- a/conf/perm.4
+++ b/conf/perm.4
@@ -65,8 +65,3 @@
/var/log/security/* root.root 600
/var/spool/mail/ root.mail 771
/var/tmp root.root 1777
-/var/lib/monitoring httpd-naat.admin 2770
-/var/lib/naat root.admin 2770
-/var/log/httpd-naat httpd-naat.admin 750
-/var/www-naat httpd-naat.admin 750
-/var/log/snort snort.snort 750
diff --git a/conf/perm.5 b/conf/perm.5
index 1f16fca..e6abf1d 100644
--- a/conf/perm.5
+++ b/conf/perm.5
@@ -76,8 +76,3 @@
/var/log/security/* root.root 600
/var/spool/mail/ root.mail 771
/var/tmp root.root 1777
-/var/lib/monitoring httpd-naat.admin 2770
-/var/lib/naat root.admin 2770
-/var/log/httpd-naat httpd-naat.admin 750
-/var/www-naat httpd-naat.admin 750
-/var/log/snort snort.snort 750
diff --git a/conf/perm.snf b/conf/perm.snf
new file mode 100644
index 0000000..848054b
--- /dev/null
+++ b/conf/perm.snf
@@ -0,0 +1,72 @@
+# Welcome in Level 4, aka secure & usable.
+###
+/bin/ root.root 711
+/boot/ root.root 700
+/dev/ root.root 711
+/dev/audio* root.audio 600
+/dev/dsp* root.audio 600
+/etc/ root.adm 711
+/etc/conf.modules root.adm 640
+/etc/cron.daily/ root.adm 750
+/etc/cron.hourly/ root.adm 750
+/etc/cron.monthly/ root.adm 750
+/etc/cron.weekly/ root.adm 750
+/etc/crontab root.adm 640
+/etc/dhcpcd/ root.adm 750
+/etc/dhcpcd/* root.adm 640
+/etc/esd.conf root.audio 640
+/etc/ftpaccess root.adm 640
+/etc/ftpconversions root.adm 640
+/etc/ftpgroups root.adm 640
+/etc/ftphosts root.adm 640
+/etc/ftpusers root.adm 640
+/etc/gettydefs root.adm 640
+/etc/hosts.allow root.adm 640
+/etc/hosts.deny root.adm 640
+/etc/hosts.equiv root.adm 640
+/etc/inetd.conf root.adm 640
+/etc/rc.d/init.d/ root.adm 750
+/etc/rc.d/init.d/syslog root.adm 740
+/etc/inittab root.adm 640
+/etc/ld.so.conf root.adm 640
+/etc/lilo.conf root.adm 600
+/etc/modules.conf root.adm 640
+/etc/motd root.adm 644
+/etc/printcap root.lp 640
+/etc/profile.d/* root.root 755
+/etc/rc.d/ root.adm 640
+/etc/securetty root.root 640
+/etc/sendmail.cf root.adm 640
+/etc/shutdown.allow root.root 600
+/etc/ssh_config root.root 644
+/etc/ssh_host_key root.adm 640
+/etc/ssh_host_key.pub root.adm 644
+/etc/sshd_config root.adm 640
+/etc/syslog.conf root.adm 640
+/etc/updatedb.conf root.adm 640
+/home/ root.adm 751
+/home/* current 700
+/lib/ root.adm 751
+/mnt/ root.adm 750
+/root/ root.root 700
+/sbin/ root.adm 751
+/tmp/ root.root 1777
+/usr/ root.adm 751
+/usr/* root.adm 751
+/usr/X11R6/ root.xgrp 751
+/usr/bin/ root.adm 751
+/usr/sbin/ root.adm 751
+/var/ root.root 755
+/var/log/ root.root 711
+/var/log/* root.root 600
+/var/log/squidGuard squid.squid 751
+/var/log/squid squid.squid 751
+/var/log/security/ root.root 700
+/var/log/security/* root.root 600
+/var/spool/mail/ root.mail 771
+/var/tmp root.root 1777
+/var/lib/monitoring httpd-naat.admin 2770
+/var/lib/naat root.admin 2770
+/var/log/httpd-naat httpd-naat.admin 750
+/var/www-naat httpd-naat.admin 750
+/var/log/snort snort.snort 750