aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
diff options
context:
space:
mode:
Diffstat (limited to 'init-sh')
-rwxr-xr-xinit-sh/level0.sh2
-rwxr-xr-xinit-sh/level1.sh2
-rwxr-xr-xinit-sh/level2.sh2
-rwxr-xr-xinit-sh/level3.sh5
-rwxr-xr-xinit-sh/level4.sh3
-rwxr-xr-xinit-sh/level5.sh3
-rw-r--r--init-sh/perm.01
-rw-r--r--init-sh/perm.11
-rw-r--r--init-sh/perm.21
-rw-r--r--init-sh/perm.33
-rw-r--r--init-sh/perm.43
-rw-r--r--init-sh/perm.53
12 files changed, 25 insertions, 4 deletions
diff --git a/init-sh/level0.sh b/init-sh/level0.sh
index 5f4d66b..1c1447f 100755
--- a/init-sh/level0.sh
+++ b/init-sh/level0.sh
@@ -46,6 +46,8 @@ echo -e "\t- Check shadow file integrity : no."
AddRules "CHECK_SHADOW=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : no."
AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : no."
+ AddRules "MAIL_WARN=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : no."
AddRules "SYSLOG_WARN=no" /etc/security/msec/security.conf
# end security check
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 2cab039..269873b 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -46,6 +46,8 @@ echo -e "\t- Check shadow file integrity : no."
AddRules "CHECK_SHADOW=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : no."
AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : no."
+ AddRules "MAIL_WARN=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : no."
AddRules "SYSLOG_WARN=no" /etc/security/msec/security.conf
# end security check
diff --git a/init-sh/level2.sh b/init-sh/level2.sh
index a6b82c2..379776a 100755
--- a/init-sh/level2.sh
+++ b/init-sh/level2.sh
@@ -46,6 +46,8 @@ echo -e "\t- Check shadow file integrity : no."
AddRules "CHECK_SHADOW=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : no."
AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : no."
+ AddRules "MAIL_WARN=no" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : yes."
AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
# end security check
diff --git a/init-sh/level3.sh b/init-sh/level3.sh
index 6f091fd..6be1a66 100755
--- a/init-sh/level3.sh
+++ b/init-sh/level3.sh
@@ -50,6 +50,9 @@ echo -e "\t- Check shadow file integrity : yes."
AddRules "CHECK_SHADOW=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : yes."
AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : yes."
+ AddRules "MAIL_WARN=yes" /etc/security/msec/security.conf quiet
+ AddRules "MAIL_USER=root" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : yes."
AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
# end security check
@@ -82,4 +85,4 @@ rm -f ${tmpfile}
echo "done."
# Group were modified in lib.sh...
-grpconv \ No newline at end of file
+grpconv
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index f1a5b4c..6fbcf9b 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -59,6 +59,9 @@ echo -e "\t- Check shadow file integrity : yes."
AddRules "CHECK_SHADOW=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : yes."
AddRules "TTY_WARN=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : yes."
+ AddRules "MAIL_WARN=yes" /etc/security/msec/security.conf quiet
+ AddRules "MAIL_USER=root" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : yes."
AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
# end security check
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index a8c50ff..f3752a6 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -50,6 +50,9 @@ echo -e "\t- Check shadow file integrity : yes."
AddRules "CHECK_SHADOW=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning on tty : yes."
AddRules "TTY_WARN=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning by mail : yes."
+ AddRules "MAIL_WARN=yes" /etc/security/msec/security.conf quiet
+ AddRules "MAIL_USER=root" /etc/security/msec/security.conf quiet
echo -e "\t- Security warning in syslog : yes."
AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
# end security check
diff --git a/init-sh/perm.0 b/init-sh/perm.0
index 5249019..d305e1d 100644
--- a/init-sh/perm.0
+++ b/init-sh/perm.0
@@ -26,6 +26,7 @@
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
/etc/init.d/ root.root 755
+/etc/rc.d/init.d/syslog root.root 744
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
diff --git a/init-sh/perm.1 b/init-sh/perm.1
index 39ded6d..b0815fa 100644
--- a/init-sh/perm.1
+++ b/init-sh/perm.1
@@ -26,6 +26,7 @@
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
/etc/init.d/ root.root 755
+/etc/rc.d/init.d/syslog root.root 744
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
diff --git a/init-sh/perm.2 b/init-sh/perm.2
index d8cbec2..e416827 100644
--- a/init-sh/perm.2
+++ b/init-sh/perm.2
@@ -26,6 +26,7 @@
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
/etc/init.d/ root.root 755
+/etc/rc.d/init.d/syslog root.root 744
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
diff --git a/init-sh/perm.3 b/init-sh/perm.3
index 69f9fe5..17305d7 100644
--- a/init-sh/perm.3
+++ b/init-sh/perm.3
@@ -26,6 +26,7 @@
/etc/hosts.equiv root.root 644
/etc/inetd.conf root.root 644
/etc/init.d/ root.root 755
+/etc/rc.d/init.d/syslog root.root 700
/etc/inittab root.root 644
/etc/ld.so.conf root.root 644
/etc/lilo.conf root.root 644
@@ -40,7 +41,7 @@
/etc/ssh_host_key root.root 644
/etc/ssh_host_key.pub root.root 644
/etc/sshd_config root.root 644
-/etc/syslog.conf root.root 644
+/etc/syslog.conf root.adm 640
/etc/updatedb.conf root.root 644
/home/ root.root 755
/home/* current 700
diff --git a/init-sh/perm.4 b/init-sh/perm.4
index d976e49..8df0c23 100644
--- a/init-sh/perm.4
+++ b/init-sh/perm.4
@@ -25,7 +25,8 @@
/etc/hosts.deny root.adm 640
/etc/hosts.equiv root.adm 640
/etc/inetd.conf root.adm 640
-/etc/init.d/ root.root 750
+/etc/rc.d/init.d/ root.adm 750
+/etc/rc.d/init.d/syslog root.adm 740
/etc/inittab root.adm 640
/etc/ld.so.conf root.adm 640
/etc/lilo.conf root.adm 600
diff --git a/init-sh/perm.5 b/init-sh/perm.5
index ec1b9b9..5765340 100644
--- a/init-sh/perm.5
+++ b/init-sh/perm.5
@@ -25,7 +25,8 @@
/etc/hosts.deny root.root 600
/etc/hosts.equiv root.root 600
/etc/inetd.conf root.root 600
-/etc/init.d/ root.root 700
+/etc/rc.d/init.d/ root.root 700
+/etc/rc.d/init.d/syslog root.root 700
/etc/inittab root.root 600
/etc/ld.so.conf root.root 600
/etc/lilo.conf root.root 600