aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xcron-sh/diff_check.sh12
-rwxr-xr-xcron-sh/security.sh16
-rw-r--r--msec.spec13
-rw-r--r--share/README2
-rw-r--r--share/libmsec.py2
-rwxr-xr-xshare/msec.py2
6 files changed, 27 insertions, 20 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh
index ac7c10c..084de68 100755
--- a/cron-sh/diff_check.sh
+++ b/cron-sh/diff_check.sh
@@ -38,16 +38,16 @@ if [[ ${CHECK_SUID_ROOT} == yes ]]; then
fi
-### New Suid group files detection
-if [[ ${CHECK_SUID_GROUP} == yes ]]; then
+### New Sgid files detection
+if [[ ${CHECK_SGID} == yes ]]; then
- if [[ -f ${SUID_GROUP_YESTERDAY} ]]; then
- if ! diff -u ${SUID_GROUP_YESTERDAY} ${SUID_GROUP_TODAY} > ${SUID_GROUP_DIFF}; then
+ if [[ -f ${SGID_YESTERDAY} ]]; then
+ if ! diff -u ${SGID_YESTERDAY} ${SGID_TODAY} > ${SGID_DIFF}; then
printf "\nSecurity Warning: Changes in Sgid files found :\n" >> ${TMP}
- grep '^+' ${SUID_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
+ grep '^+' ${SGID_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do
printf "\t\t- Newly added sgid file : ${file}\n"
done >> ${TMP}
- grep '^-' ${SUID_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
+ grep '^-' ${SGID_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do
printf "\t\t- No longer present sgid file : ${file}\n"
done >> ${TMP}
fi
diff --git a/cron-sh/security.sh b/cron-sh/security.sh
index 7c51395..efafc32 100755
--- a/cron-sh/security.sh
+++ b/cron-sh/security.sh
@@ -40,9 +40,9 @@ umask ${UMASK_ROOT=077}
export SUID_ROOT_TODAY="/var/log/security/suid_root.today"
SUID_ROOT_YESTERDAY="/var/log/security/suid_root.yesterday"
SUID_ROOT_DIFF="/var/log/security/suid_root.diff"
-export SUID_GROUP_TODAY="/var/log/security/suid_group.today"
-SUID_GROUP_YESTERDAY="/var/log/security/suid_group.yesterday"
-SUID_GROUP_DIFF="/var/log/security/suid_group.diff"
+export SGID_TODAY="/var/log/security/sgid.today"
+SGID_YESTERDAY="/var/log/security/sgid.yesterday"
+SGID_DIFF="/var/log/security/sgid.diff"
export SUID_MD5_TODAY="/var/log/security/suid_md5.today"
SUID_MD5_YESTERDAY="/var/log/security/suid_md5.yesterday"
SUID_MD5_DIFF="/var/log/security/suid_md5.diff"
@@ -87,8 +87,8 @@ if [[ -f ${SUID_ROOT_TODAY} ]]; then
mv ${SUID_ROOT_TODAY} ${SUID_ROOT_YESTERDAY};
fi
-if [[ -f ${SUID_GROUP_TODAY} ]]; then
- mv ${SUID_GROUP_TODAY} ${SUID_GROUP_YESTERDAY};
+if [[ -f ${SGID_TODAY} ]]; then
+ mv ${SGID_TODAY} ${SGID_YESTERDAY};
fi
if [[ -f ${WRITABLE_TODAY} ]]; then
@@ -137,9 +137,9 @@ if [[ -f ${SUID_ROOT_TODAY} ]]; then
mv -f ${SUID_ROOT_TODAY}.tmp ${SUID_ROOT_TODAY}
fi
-if [[ -f ${SUID_GROUP_TODAY} ]]; then
- sort < ${SUID_GROUP_TODAY} > ${SUID_GROUP_TODAY}.tmp
- mv -f ${SUID_GROUP_TODAY}.tmp ${SUID_GROUP_TODAY}
+if [[ -f ${SGID_TODAY} ]]; then
+ sort < ${SGID_TODAY} > ${SGID_TODAY}.tmp
+ mv -f ${SGID_TODAY}.tmp ${SGID_TODAY}
fi
if [[ -f ${WRITABLE_TODAY} ]]; then
diff --git a/msec.spec b/msec.spec
index 6d866ee..47cb39c 100644
--- a/msec.spec
+++ b/msec.spec
@@ -1,6 +1,6 @@
Summary: Security Level & Program for the Mandrake Linux distribution
Name: msec
-Version: 0.34.3
+Version: 0.34.4
Release: 1mdk
Url: http://www.linux-mandrake.com/
Source0: %{name}-%{version}.tar.bz2
@@ -85,15 +85,18 @@ touch /var/log/security.log
if [ $1 != 1 ]; then
# manage spelling change
if [ -f /etc/security/msec/level.local ]; then
- perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/level.local
+ perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g;s/CHECK_SUID_GROUP/CHECK_SGID/g' /etc/security/msec/level.local
fi
if [ -f /etc/security/msec/security.conf ]; then
- perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/security.conf
+ perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g;s/CHECK_SUID_GROUP/CHECK_SGID/g' /etc/security/msec/security.conf
fi
for ext in today yesterday diff; do
if [ -f /var/log/security/writeable.$ext ]; then
mv -f /var/log/security/writeable.$ext /var/log/security/writable.$ext
fi
+ if [ -f /var/log/security/suid_group.$ext ]; then
+ mv -f /var/log/security/suid_group.$ext /var/log/security/sgid.$ext
+ fi
done
# find secure level
@@ -152,6 +155,10 @@ rm -rf $RPM_BUILD_ROOT
# MAKE THE CHANGES IN CVS: NO PATCH OR SOURCE ALLOWED
%changelog
+* Tue Sep 3 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.4-1mdk
+- more spelling errors fixes thx to David Relson:
+ o CHECK_SUID_GROUP => CHECK_SGID
+
* Fri Aug 30 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.3-1mdk
- fixed server symlink creation
- corrected spelling errors thx to David Relson
diff --git a/share/README b/share/README
index 664d66b..2f5d5df 100644
--- a/share/README
+++ b/share/README
@@ -46,7 +46,7 @@ CHECK_SECURITY no yes yes yes yes yes
CHECK_PERMS no no no yes yes yes
CHECK_SUID_ROOT no no yes yes yes yes
CHECK_SUID_MD5 no no yes yes yes yes
-CHECK_SUID_GROUP no no yes yes yes yes
+CHECK_SGID no no yes yes yes yes
CHECK_WRITABLE no no yes yes yes yes
CHECK_UNOWNED no no no no yes yes
CHECK_PROMISC no no no no yes yes
diff --git a/share/libmsec.py b/share/libmsec.py
index ccd1f1d..e559c74 100644
--- a/share/libmsec.py
+++ b/share/libmsec.py
@@ -1216,7 +1216,7 @@ MAIL_USER if set, send the mail report to this email address else send it to roo
CHECK_OPEN_PORT if set to yes, check open ports.
-CHECK_SUID_GROUP if set to yes, check additions/removals of sgid files.
+CHECK_SGID if set to yes, check additions/removals of sgid files.
'''
securityconf = ConfigFile.get_config_file(SECURITYCONF)
securityconf.set_shell_variable(var, value)
diff --git a/share/msec.py b/share/msec.py
index f53ed4f..f8a5289 100755
--- a/share/msec.py
+++ b/share/msec.py
@@ -232,7 +232,7 @@ FILE_CHECKS = {'CHECK_SECURITY' : ('no', 'yes', 'yes', 'yes', 'yes', 'yes',
'CHECK_PERMS' : ('no', 'no', 'no', 'yes', 'yes', 'yes', ),
'CHECK_SUID_ROOT' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_SUID_MD5' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
- 'CHECK_SUID_GROUP' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
+ 'CHECK_SGID' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_WRITABLE' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ),
'CHECK_UNOWNED' : ('no', 'no', 'no', 'no', 'yes', 'yes', ),
'CHECK_PROMISC' : ('no', 'no', 'no', 'no', 'yes', 'yes', ),