diff options
-rwxr-xr-x | cron-sh/diff_check.sh | 12 | ||||
-rwxr-xr-x | cron-sh/security.sh | 16 | ||||
-rw-r--r-- | msec.spec | 13 | ||||
-rw-r--r-- | share/README | 2 | ||||
-rw-r--r-- | share/libmsec.py | 2 | ||||
-rwxr-xr-x | share/msec.py | 2 |
6 files changed, 27 insertions, 20 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh index ac7c10c..084de68 100755 --- a/cron-sh/diff_check.sh +++ b/cron-sh/diff_check.sh @@ -38,16 +38,16 @@ if [[ ${CHECK_SUID_ROOT} == yes ]]; then fi -### New Suid group files detection -if [[ ${CHECK_SUID_GROUP} == yes ]]; then +### New Sgid files detection +if [[ ${CHECK_SGID} == yes ]]; then - if [[ -f ${SUID_GROUP_YESTERDAY} ]]; then - if ! diff -u ${SUID_GROUP_YESTERDAY} ${SUID_GROUP_TODAY} > ${SUID_GROUP_DIFF}; then + if [[ -f ${SGID_YESTERDAY} ]]; then + if ! diff -u ${SGID_YESTERDAY} ${SGID_TODAY} > ${SGID_DIFF}; then printf "\nSecurity Warning: Changes in Sgid files found :\n" >> ${TMP} - grep '^+' ${SUID_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do + grep '^+' ${SGID_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do printf "\t\t- Newly added sgid file : ${file}\n" done >> ${TMP} - grep '^-' ${SUID_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do + grep '^-' ${SGID_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do printf "\t\t- No longer present sgid file : ${file}\n" done >> ${TMP} fi diff --git a/cron-sh/security.sh b/cron-sh/security.sh index 7c51395..efafc32 100755 --- a/cron-sh/security.sh +++ b/cron-sh/security.sh @@ -40,9 +40,9 @@ umask ${UMASK_ROOT=077} export SUID_ROOT_TODAY="/var/log/security/suid_root.today" SUID_ROOT_YESTERDAY="/var/log/security/suid_root.yesterday" SUID_ROOT_DIFF="/var/log/security/suid_root.diff" -export SUID_GROUP_TODAY="/var/log/security/suid_group.today" -SUID_GROUP_YESTERDAY="/var/log/security/suid_group.yesterday" -SUID_GROUP_DIFF="/var/log/security/suid_group.diff" +export SGID_TODAY="/var/log/security/sgid.today" +SGID_YESTERDAY="/var/log/security/sgid.yesterday" +SGID_DIFF="/var/log/security/sgid.diff" export SUID_MD5_TODAY="/var/log/security/suid_md5.today" SUID_MD5_YESTERDAY="/var/log/security/suid_md5.yesterday" SUID_MD5_DIFF="/var/log/security/suid_md5.diff" @@ -87,8 +87,8 @@ if [[ -f ${SUID_ROOT_TODAY} ]]; then mv ${SUID_ROOT_TODAY} ${SUID_ROOT_YESTERDAY}; fi -if [[ -f ${SUID_GROUP_TODAY} ]]; then - mv ${SUID_GROUP_TODAY} ${SUID_GROUP_YESTERDAY}; +if [[ -f ${SGID_TODAY} ]]; then + mv ${SGID_TODAY} ${SGID_YESTERDAY}; fi if [[ -f ${WRITABLE_TODAY} ]]; then @@ -137,9 +137,9 @@ if [[ -f ${SUID_ROOT_TODAY} ]]; then mv -f ${SUID_ROOT_TODAY}.tmp ${SUID_ROOT_TODAY} fi -if [[ -f ${SUID_GROUP_TODAY} ]]; then - sort < ${SUID_GROUP_TODAY} > ${SUID_GROUP_TODAY}.tmp - mv -f ${SUID_GROUP_TODAY}.tmp ${SUID_GROUP_TODAY} +if [[ -f ${SGID_TODAY} ]]; then + sort < ${SGID_TODAY} > ${SGID_TODAY}.tmp + mv -f ${SGID_TODAY}.tmp ${SGID_TODAY} fi if [[ -f ${WRITABLE_TODAY} ]]; then @@ -1,6 +1,6 @@ Summary: Security Level & Program for the Mandrake Linux distribution Name: msec -Version: 0.34.3 +Version: 0.34.4 Release: 1mdk Url: http://www.linux-mandrake.com/ Source0: %{name}-%{version}.tar.bz2 @@ -85,15 +85,18 @@ touch /var/log/security.log if [ $1 != 1 ]; then # manage spelling change if [ -f /etc/security/msec/level.local ]; then - perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/level.local + perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g;s/CHECK_SUID_GROUP/CHECK_SGID/g' /etc/security/msec/level.local fi if [ -f /etc/security/msec/security.conf ]; then - perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g' /etc/security/msec/security.conf + perl -pi -e 's/CHECK_WRITEABLE/CHECK_WRITABLE/g;s/CHECK_SUID_GROUP/CHECK_SGID/g' /etc/security/msec/security.conf fi for ext in today yesterday diff; do if [ -f /var/log/security/writeable.$ext ]; then mv -f /var/log/security/writeable.$ext /var/log/security/writable.$ext fi + if [ -f /var/log/security/suid_group.$ext ]; then + mv -f /var/log/security/suid_group.$ext /var/log/security/sgid.$ext + fi done # find secure level @@ -152,6 +155,10 @@ rm -rf $RPM_BUILD_ROOT # MAKE THE CHANGES IN CVS: NO PATCH OR SOURCE ALLOWED %changelog +* Tue Sep 3 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.4-1mdk +- more spelling errors fixes thx to David Relson: + o CHECK_SUID_GROUP => CHECK_SGID + * Fri Aug 30 2002 Frederic Lepied <flepied@mandrakesoft.com> 0.34.3-1mdk - fixed server symlink creation - corrected spelling errors thx to David Relson diff --git a/share/README b/share/README index 664d66b..2f5d5df 100644 --- a/share/README +++ b/share/README @@ -46,7 +46,7 @@ CHECK_SECURITY no yes yes yes yes yes CHECK_PERMS no no no yes yes yes CHECK_SUID_ROOT no no yes yes yes yes CHECK_SUID_MD5 no no yes yes yes yes -CHECK_SUID_GROUP no no yes yes yes yes +CHECK_SGID no no yes yes yes yes CHECK_WRITABLE no no yes yes yes yes CHECK_UNOWNED no no no no yes yes CHECK_PROMISC no no no no yes yes diff --git a/share/libmsec.py b/share/libmsec.py index ccd1f1d..e559c74 100644 --- a/share/libmsec.py +++ b/share/libmsec.py @@ -1216,7 +1216,7 @@ MAIL_USER if set, send the mail report to this email address else send it to roo CHECK_OPEN_PORT if set to yes, check open ports. -CHECK_SUID_GROUP if set to yes, check additions/removals of sgid files. +CHECK_SGID if set to yes, check additions/removals of sgid files. ''' securityconf = ConfigFile.get_config_file(SECURITYCONF) securityconf.set_shell_variable(var, value) diff --git a/share/msec.py b/share/msec.py index f53ed4f..f8a5289 100755 --- a/share/msec.py +++ b/share/msec.py @@ -232,7 +232,7 @@ FILE_CHECKS = {'CHECK_SECURITY' : ('no', 'yes', 'yes', 'yes', 'yes', 'yes', 'CHECK_PERMS' : ('no', 'no', 'no', 'yes', 'yes', 'yes', ), 'CHECK_SUID_ROOT' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ), 'CHECK_SUID_MD5' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ), - 'CHECK_SUID_GROUP' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ), + 'CHECK_SGID' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ), 'CHECK_WRITABLE' : ('no', 'no', 'yes', 'yes', 'yes', 'yes', ), 'CHECK_UNOWNED' : ('no', 'no', 'no', 'no', 'yes', 'yes', ), 'CHECK_PROMISC' : ('no', 'no', 'no', 'no', 'yes', 'yes', ), |