From b998b624e9da5711fca0821b69c9d23d3487e98c Mon Sep 17 00:00:00 2001 From: Mystery Man Date: Fri, 13 Dec 2002 10:14:31 +0000 Subject: This commit was manufactured by cvs2svn to create tag 'V0_32_1_1mdk'. --- ChangeLog | 1156 +++++++++++++++++++++++++++++++++--------------------- msec.spec | 25 +- share/libmsec.py | 2 +- share/msec.py | 2 +- 4 files changed, 718 insertions(+), 467 deletions(-) diff --git a/ChangeLog b/ChangeLog index 32995ea..672fdd8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,86 +1,334 @@ -2002-07-30 20:51 Frederic Lepied +2002-12-13 05:14 Frederic Lepied + + * msec.spec: removed 9.0 stuff + +2002-12-13 03:55 Frederic Lepied + + * msec.spec: 0.32.1-1mdk + +2002-12-13 03:55 Frederic Lepied + + * share/msec.py: no password aging in level 4 + +2002-12-13 03:54 Frederic Lepied + + * share/libmsec.py: pam passwd file is in /etc/pam.d/passwd + +2002-11-20 14:57 Frederic Lepied + + * msec.spec: 0.37-1mdk + +2002-11-20 14:57 Frederic Lepied + + * share/libmsec.py: password_aging: chage is l10n now so use + LC_ALL=C before calling it. + +2002-11-07 05:29 Thierry Vignaud + + * msec.spec: requires s/(sh-|text|file)utils/coreutils/ + +2002-09-17 10:12 Frederic Lepied + + * msec.spec: X-\*-Core => X-:\*-Core + +2002-09-17 10:12 Frederic Lepied + + * share/libmsec.py: allow_reboot: X-\*-Core => X-:\*-Core + +2002-09-17 09:38 Frederic Lepied + + * msec.spec: better wording + +2002-09-17 09:08 Frederic Lepied + + * msec.spec: 0.36-1mdk + +2002-09-17 09:08 Frederic Lepied + + * share/libmsec.py: - allow_user_list handles Selected when not + changing security level. - allow_reboot handles Root when not + changing security level. + +2002-09-09 14:51 Frederic Lepied + + * conf/server.4: removed double network entry + +2002-09-06 09:37 Frederic Lepied + + * msec.spec: 0.34.5-2mdk + +2002-09-06 08:51 Frederic Lepied + + * src/msec_find/find.c: SUID_GROUP_TODAY => SGID_TODAY + +2002-09-05 08:14 Frederic Lepied + + * msec.spec: 0.34.5-1mdk + +2002-09-05 08:12 Frederic Lepied + + * share/libmsec.py: allow_user_list: lookup ShowUsers in the + X-*-Greeter section of kdmrc. + +2002-09-05 04:50 Frederic Lepied + + * msec.spec: 0.34.4-2mdk + +2002-09-05 04:50 Frederic Lepied + + * share/libmsec.py: removed debug output + +2002-09-03 02:57 Frederic Lepied + + * msec.spec, cron-sh/diff_check.sh, cron-sh/security.sh, + share/README, share/libmsec.py, share/msec.py: CHECK_SUID_GROUP => + CHECK_SGID + +2002-08-30 08:22 Frederic Lepied + + * msec.spec: 0.34.3-1mdk + +2002-08-30 08:20 Frederic Lepied + + * msec.spec, cron-sh/diff_check.sh, cron-sh/security.sh, + cron-sh/security_check.sh, doc/msec.lyx, doc/security.txt, + init-sh/custom.sh, init-sh/level1.sh, share/README, + share/libmsec.py, share/msec.py, src/msec_find/find.c: writeable => + writable + +2002-08-30 08:18 Frederic Lepied + + * share/Makefile: clean generated files + +2002-08-29 14:53 Frederic Lepied + + * share/shadow.py: call function with no argument in + commit_changes. + +2002-08-27 16:26 Frederic Lepied + + * msec.spec: 0.34.2-1mdk + +2002-08-27 16:25 Frederic Lepied + + * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: fix /boot + with a better way + +2002-08-27 10:13 Frederic Lepied + + * msec.spec: 0.34.1-1mdk + +2002-08-27 10:10 Frederic Lepied + + * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: correct + permissions for /boot/kernel.h* + +2002-08-27 10:03 Frederic Lepied + + * Makefile: launch make in cron-sh to check shell script syntax + +2002-08-27 10:03 Frederic Lepied + + * cron-sh/security.sh: correct syntax error + +2002-08-27 10:02 Frederic Lepied + + * cron-sh/Makefile: check the syntax of the shell scripts + +2002-08-26 17:05 Frederic Lepied + + * conf/: server.4, server.5: added dm + +2002-08-25 15:55 Frederic Lepied + + * msec.spec: 0.34-1mdk + +2002-08-25 15:48 Frederic Lepied + + * msec.spec: security_check.sh and diff_check.sh installed 644 to + prevent direct execution. + +2002-08-25 15:47 Frederic Lepied + + * conf/: perm.4, perm.5: let hosts.{allow,deny} be readable by + everyone (to allow all the daemons to access them). + +2002-08-25 15:43 Frederic Lepied + + * cron-sh/diff_check.sh: emptiness is tested in Maillog now + +2002-08-25 15:41 Frederic Lepied + + * cron-sh/security.sh: implement MAIL_EMPTY_CONTENT + +2002-08-25 15:39 Frederic Lepied + + * doc/security.txt: documented daily mailing of security checks + +2002-08-25 15:38 Frederic Lepied + + * share/msec.py: added MAIL_EMPTY_CONTENT + +2002-08-25 15:30 Frederic Lepied + + * share/ConfigFile.py: enhanced get_shell_variable to be able to + specify a region to do the search. + +2002-08-25 15:29 Frederic Lepied + + * share/libmsec.py: allow_reboot: used section X-:0-Core instead of + X-:*-Greeter for kdmrc. + + password_history: create /etc/security/opasswd if it doesn't exist. + +2002-08-19 17:09 Frederic Lepied + + * msec.spec: 0.33-1mdk + +2002-08-19 17:09 Frederic Lepied + + * Makefile: use $(RPM_BUILD_ROOT) instead of $RPM_BUILD_ROOT + +2002-08-19 17:08 Frederic Lepied + + * cron-sh/: diff_check.sh, security_check.sh: corrected wording + +2002-08-19 17:07 Frederic Lepied + + * share/msec: added missing "not" + +2002-08-11 14:49 Frederic Lepied + + * msec.spec: 0.32-1mdk + +2002-08-11 14:48 Frederic Lepied + + * Makefile: corrected the compilation of the python part. + +2002-08-11 14:44 Frederic Lepied + + * share/msec.py: replace 0 => no and 1 => yes. + + call password_history according to the levels. + +2002-08-11 14:43 Frederic Lepied + + * share/libmsec.py: corrected without_password + +2002-08-11 14:42 Frederic Lepied + + * share/shadow.py: added without_password + +2002-08-11 14:41 Frederic Lepied + + * share/libmsec.py: password_length use system-auth instead of + passwd pam file. + + new function: password_history. + +2002-08-11 14:39 Frederic Lepied + + * share/Perms.py: do not change non local files/directories. + +2002-08-11 14:38 Frederic Lepied + + * doc/security.txt: documented password history and root logins. + +2002-08-11 14:34 Frederic Lepied + + * man/C/msec.8: document options + +2002-07-31 11:41 Frederic Lepied + + * msec.spec: 0.31.1-1mdk + +2002-07-31 11:40 Frederic Lepied + + * share/msec.py: correct the test for processing level.local. + +2002-07-30 14:51 Frederic Lepied * msec.spec: 0.31-1mdk -2002-07-30 20:50 Frederic Lepied +2002-07-30 14:50 Frederic Lepied * share/.cvsignore: added level.* -2002-07-30 20:50 Frederic Lepied +2002-07-30 14:50 Frederic Lepied * share/libmsec.py: added fields to describe how arguments are used (to be used by shadow.py) -2002-07-30 20:48 Frederic Lepied +2002-07-30 14:48 Frederic Lepied * share/msec.py: added print and nolocal options -2002-07-30 20:47 Frederic Lepied +2002-07-30 14:47 Frederic Lepied * share/shadow.py: added print_changes and get_translation -2002-07-30 20:46 Frederic Lepied +2002-07-30 14:46 Frederic Lepied * share/Makefile: added rules for level.* -2002-07-29 09:36 Frederic Lepied +2002-07-29 03:36 Frederic Lepied * msec.spec: 0.30.2-1mdk -2002-07-29 09:36 Frederic Lepied +2002-07-29 03:36 Frederic Lepied * share/libmsec.py: fixed typo in allow_root_login -2002-07-28 22:53 Frederic Lepied +2002-07-28 16:53 Frederic Lepied * msec.spec: 0.30.1-1mdk -2002-07-28 22:53 Frederic Lepied +2002-07-28 16:53 Frederic Lepied * share/libmsec.py: (set_zero_one_variable): corrected bug when the variable doesn't exist before setting it. -2002-07-27 22:47 Frederic Lepied +2002-07-27 16:47 Frederic Lepied * msec.spec: 0.30 -2002-07-27 22:46 Frederic Lepied +2002-07-27 16:46 Frederic Lepied * share/CHANGES: added 0.30 changes -2002-07-27 22:40 Frederic Lepied +2002-07-27 16:40 Frederic Lepied * share/libmsec.py: finalized no security lowering feature. -2002-07-27 21:26 Frederic Lepied +2002-07-27 15:26 Frederic Lepied * share/msec: corrected last argument processing. -2002-07-27 21:23 Frederic Lepied +2002-07-27 15:23 Frederic Lepied * share/README: corrected splitted functions. -2002-07-27 21:13 Frederic Lepied +2002-07-27 15:13 Frederic Lepied * man/C/msec.8: descibed differences between interactive and non-interactive calls. added a paragraph on the logs. -2002-07-27 21:12 Frederic Lepied +2002-07-27 15:12 Frederic Lepied * share/libmsec.py: * (more functions): don't lower security when not changing secure level. -2002-07-25 01:16 Frederic Lepied +2002-07-24 19:16 Frederic Lepied * doc/security.txt: * describe file permissions according to the levels. * correct description of X server security. -2002-07-25 01:14 Frederic Lepied +2002-07-24 19:14 Frederic Lepied * cron-sh/promisc_check.sh: * use TTY_WARN instead of TTYLOG_WARN (David Harris). -2002-07-25 01:07 Frederic Lepied +2002-07-24 19:07 Frederic Lepied * share/libmsec.py: * (set_zero_one_variable): factorize sysctl.conf manipulation functions. * @@ -96,91 +344,91 @@ disabling ip spoofing protection put back net.ipv4.conf.all.rp_filter to 0 (David Harris). -2002-07-25 01:06 Frederic Lepied +2002-07-24 19:06 Frederic Lepied * share/msec.py: call splitted function with the same args. -2002-07-25 01:02 Frederic Lepied +2002-07-24 19:02 Frederic Lepied * share/ConfigFile.py: * (ConfigFile.get_match): return the whole line if replace is None. -2002-07-06 15:36 Frederic Lepied +2002-07-06 09:36 Frederic Lepied * share/libmsec.py: if sysctl.conf is modified reload its content with sysctl but do not restart network. -2002-07-04 19:02 Frederic Lepied +2002-07-04 13:02 Frederic Lepied * msec.spec: 0.25-1mdk -2002-07-04 18:57 Frederic Lepied +2002-07-04 12:57 Frederic Lepied * share/libmsec.py: allow_root_login: corrected regexp to avoid adding the string at every run. -2002-07-04 18:38 Frederic Lepied +2002-07-04 12:38 Frederic Lepied * conf/: server.snf, perm.snf: [no log message] -2002-07-04 18:37 Frederic Lepied +2002-07-04 12:37 Frederic Lepied * conf/server.4: added entry for MNF -2002-07-04 09:30 Frederic Lepied +2002-07-04 03:30 Frederic Lepied * share/libmsec.py: insert changes when no match is found for logindefs and sshd_config. -2002-06-27 09:58 Frederic Lepied +2002-06-27 03:58 Frederic Lepied * msec.spec: 0.24-1mdk -2002-06-27 09:57 Frederic Lepied +2002-06-27 03:57 Frederic Lepied * share/msec: pass -c to Perms.py if the level is given on the command line. -2002-06-27 09:56 Frederic Lepied +2002-06-27 03:56 Frederic Lepied * share/Perms.py: if we don't change the security level, try not to lower the security if the user has changed it manually (added -c option). -2002-06-04 20:24 Christian Belisle +2002-06-04 14:24 Christian Belisle * share/libmsec.py: corrected typo -2002-05-31 05:35 Frederic Lepied +2002-05-30 23:35 Frederic Lepied * msec.spec: 0.23-1mdk -2002-05-31 05:34 Frederic Lepied +2002-05-30 23:34 Frederic Lepied * share/: ConfigFile.py, Perms.py: report more complete error messages. -2002-05-31 05:31 Frederic Lepied +2002-05-30 23:31 Frederic Lepied * share/msec: check that the root is running the process -2002-05-29 22:39 Frederic Lepied +2002-05-29 16:39 Frederic Lepied * share/libmsec.py: corrected typo -2002-05-29 22:38 Frederic Lepied +2002-05-29 16:38 Frederic Lepied * msec.spec: 0.22-1mdk -2002-05-29 22:35 Frederic Lepied +2002-05-29 16:35 Frederic Lepied * share/libmsec.py: added no_password_aging_for -2002-05-14 19:04 Frederic Lepied +2002-05-14 13:04 Frederic Lepied * conf/: server.4, server.5: added shorewall -2002-04-29 19:52 Frederic Lepied +2002-04-29 13:52 Frederic Lepied * cron-sh/security_check.sh: corrected alias files loop (Jérôme UZEL). CVS: @@ -192,200 +440,200 @@ ------------------------------------------------------------------- --- -2002-04-19 20:17 Frederic Lepied +2002-04-19 14:17 Frederic Lepied * msec.spec: 0.21-1mdk -2002-04-19 20:17 Frederic Lepied +2002-04-19 14:17 Frederic Lepied * share/msec.py: load the config file using the context of mseclib. -2002-04-19 20:15 Frederic Lepied +2002-04-19 14:15 Frederic Lepied * man/C/msec.8: don't specify a version for the doc path. -2002-03-27 22:23 Frederic Lepied +2002-03-27 16:23 Frederic Lepied * msec.spec: 0.20-2mdk -2002-03-27 22:16 Frederic Lepied +2002-03-27 16:16 Frederic Lepied * share/libmsec.py: allow_reboot: only touch the shutdown, poweroff, reboot and halt files if they don't exist. -2002-03-26 06:03 Frederic Lepied +2002-03-26 00:03 Frederic Lepied * msec.spec: 0.20-1mdk -2002-03-26 05:55 Frederic Lepied +2002-03-25 23:55 Frederic Lepied * share/.cvsignore: added *.flog -2002-03-26 05:55 Frederic Lepied +2002-03-25 23:55 Frederic Lepied * share/shadow.py: handle ignore case. -2002-03-26 05:54 Frederic Lepied +2002-03-25 23:54 Frederic Lepied * share/man.py: document ignore argument. -2002-03-26 05:54 Frederic Lepied +2002-03-25 23:54 Frederic Lepied * share/libmsec.py: removed yes/no declarations as they are used only from mseclib.py. Maximum password aging can be -1. -2002-03-09 01:24 Frederic Lepied +2002-03-08 19:24 Frederic Lepied * msec.spec: 0.19-8mdk -2002-03-09 01:22 Frederic Lepied +2002-03-08 19:22 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3: /var/log/lp-errs must be 600 -2002-03-08 19:56 Frederic Lepied +2002-03-08 13:56 Frederic Lepied * msec.spec: 0.19-7mdk -2002-03-08 19:42 Frederic Lepied +2002-03-08 13:42 Frederic Lepied * share/shadow.py: export yes/no to be in sync with libmsec. -2002-03-08 19:41 Frederic Lepied +2002-03-08 13:41 Frederic Lepied * share/man.py: document the value of arguments. -2002-03-08 19:41 Frederic Lepied +2002-03-08 13:41 Frederic Lepied * share/libmsec.py: added yes and no to be used as argument to the functions. -2002-03-08 19:40 Frederic Lepied +2002-03-08 13:40 Frederic Lepied * man/C/msec.8: ponts to security.txt -2002-03-08 19:37 Frederic Lepied +2002-03-08 13:37 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: fix permissions of /var/log/lp-errs for LPRng -2002-03-06 05:12 Frederic Lepied +2002-03-05 23:12 Frederic Lepied * msec.spec: 0.19-6mdk -2002-03-06 05:11 Frederic Lepied +2002-03-05 23:11 Frederic Lepied * share/msec, cron-sh/security.sh: don't run twice -2002-03-04 20:19 Frederic Lepied +2002-03-04 14:19 Frederic Lepied * msec.spec: 0.19-5mdk -2002-03-04 20:19 Frederic Lepied +2002-03-04 14:19 Frederic Lepied * msec.sh: more robust if SECURE_LEVEL isn't set. -2002-03-04 20:18 Frederic Lepied +2002-03-04 14:18 Frederic Lepied * share/libmsec.py: use 127.0.0.1 instead of localhost in hosts.deny -2002-02-26 22:16 Pixel +2002-02-26 16:16 Pixel * msec.csh, msec.spec: msec.csh: "unhash" workaround for /usr/bin non-readable (msec 5) applied after modifying PATH (eurk!) -2002-02-25 22:15 Frederic Lepied +2002-02-25 16:15 Frederic Lepied * msec.spec: 0.19-4mdk -2002-02-25 22:14 Frederic Lepied +2002-02-25 16:14 Frederic Lepied * msec.sh: don't manage /usr/games and /usr/X11R6/bin, this has nothing to do with security -2002-02-25 22:13 Frederic Lepied +2002-02-25 16:13 Frederic Lepied * share/libmsec.py: don't restart network on sysctl.conf change. -2002-02-25 22:12 Frederic Lepied +2002-02-25 16:12 Frederic Lepied * cron-sh/: diff_check.sh, security.sh, security_check.sh: split rpm-va check in 2: config files and other files -2002-02-25 22:07 Frederic Lepied +2002-02-25 16:07 Frederic Lepied * doc/security.txt: resync with current code -2002-02-24 01:38 Pablo Saratxaga +2002-02-23 19:38 Pablo Saratxaga * man/fr/init.sh.8: added French man page -2002-02-22 22:56 Frederic Lepied +2002-02-22 16:56 Frederic Lepied * msec.spec: 0.19-3mdk -2002-02-22 22:55 Frederic Lepied +2002-02-22 16:55 Frederic Lepied * share/msec.py: do not use enable_libsafe anymore. -2002-02-22 21:13 Pablo Saratxaga +2002-02-22 15:13 Pablo Saratxaga * man/eu/: init.sh.8, msec.8: Added Basque files -2002-02-22 20:38 Frederic Lepied +2002-02-22 14:38 Frederic Lepied * cron-sh/diff_check.sh: security.conf from /etc/security/msec/ to /var/lib/msec/. -2002-02-22 19:42 Frederic Lepied +2002-02-22 13:42 Frederic Lepied * cron-sh/security_check.sh: check uid and not gid -2002-02-22 14:23 Frederic Lepied +2002-02-22 08:23 Frederic Lepied * cron-sh/promisc_check.sh: use security.conf from /var/lib/msec -2002-02-21 14:52 Frederic Lepied +2002-02-21 08:52 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: let drakx handle lilo.conf perm -2002-02-20 22:51 Frederic Lepied +2002-02-20 16:51 Frederic Lepied * msec.spec: 0.19-2mdk -2002-02-20 22:50 Frederic Lepied +2002-02-20 16:50 Frederic Lepied * share/msec.py: implement no password in level 0 X listens to tcp connections in level 3 -2002-02-20 22:50 Frederic Lepied +2002-02-20 16:50 Frederic Lepied * share/libmsec.py: added enable_password -2002-02-20 22:49 Frederic Lepied +2002-02-20 16:49 Frederic Lepied * share/CHANGES: documented changes in versions 0.18 and 0.19 -2002-02-20 22:47 Frederic Lepied +2002-02-20 16:47 Frederic Lepied * share/ConfigFile.py: added insert_before. -2002-02-20 22:40 Frederic Lepied +2002-02-20 16:40 Frederic Lepied * conf/: perm.4, perm.5: kmem => adm -2002-02-19 21:18 Frederic Lepied +2002-02-19 15:18 Frederic Lepied * cron-sh/security.sh: corrected typo msec/msec. -2002-02-19 21:15 Frederic Lepied +2002-02-19 15:15 Frederic Lepied * msec.spec: 0.19-1mdk -2002-02-19 21:10 Frederic Lepied +2002-02-19 15:10 Frederic Lepied * share/libmsec.py: /etc/security/msec/security.conf => /var/lib/msec/security.conf @@ -394,114 +642,114 @@ catch inconsistency between /etc/shadow and /etc/passwd. -2002-02-19 21:00 Frederic Lepied +2002-02-19 15:00 Frederic Lepied * man/C/msec.8: /etc/security/msec/security.conf => /var/lib/msec/security.conf -2002-02-19 20:17 Frederic Lepied +2002-02-19 14:17 Frederic Lepied * conf/: perm.4, perm.5: corrected permissions for /var/log/intraline -2002-02-19 20:12 Frederic Lepied +2002-02-19 14:12 Frederic Lepied * share/msec: use perm file from /usr/share/msec/ -2002-02-19 20:08 Frederic Lepied +2002-02-19 14:08 Frederic Lepied * cron-sh/security.sh: use /var/lib/msec/msec/security.conf -2002-02-19 20:05 Frederic Lepied +2002-02-19 14:05 Frederic Lepied * msec.csh: corrected id test. -2002-02-15 23:59 Frederic Lepied +2002-02-15 17:59 Frederic Lepied * share/.cvsignore: added generated files -2002-02-15 06:22 Frederic Lepied +2002-02-15 00:22 Frederic Lepied * msec.spec: 0.18-6mdk -2002-02-15 06:21 Frederic Lepied +2002-02-15 00:21 Frederic Lepied * msec.sh: test SECURE_LEVEL before using it as a number -2002-02-15 06:20 Frederic Lepied +2002-02-15 00:20 Frederic Lepied * share/msec.py: use the right string for the prog name -2002-02-15 06:19 Frederic Lepied +2002-02-15 00:19 Frederic Lepied * share/libmsec.py: allow an extra arg to specify the log to do in enable_console_log -2002-02-15 06:18 Frederic Lepied +2002-02-15 00:18 Frederic Lepied * cron-sh/security.sh: use umask from the secure level setting -2002-02-15 05:36 Frederic Lepied +2002-02-14 23:36 Frederic Lepied * cron-sh/promisc_check.sh: use complete path for the ip command. -2002-02-14 03:59 Frederic Lepied +2002-02-13 21:59 Frederic Lepied * msec.spec: 0.18-5mdk -2002-02-14 02:50 Frederic Lepied +2002-02-13 20:50 Frederic Lepied * share/libmsec.py: only reports an error for an empty wheel group when run interactively. -2002-02-14 01:54 Frederic Lepied +2002-02-13 19:54 Frederic Lepied * share/: Config.py, ConfigFile.py, Perms.py: corrected warnings reported by pychecker -2002-02-14 01:53 Frederic Lepied +2002-02-13 19:53 Frederic Lepied * cron-sh/promisc_check.sh: use ip to detect promiscuous mode with 2.4 kernels. -2002-02-14 01:52 Frederic Lepied +2002-02-13 19:52 Frederic Lepied * msec.csh, msec.sh: handle umask and . in path -2002-02-11 15:44 Frederic Lepied +2002-02-11 09:44 Frederic Lepied * conf/perm.5: /etc/sendmail.cf 640 to sendmail to work. -2002-02-05 21:10 Frederic Lepied +2002-02-05 15:10 Frederic Lepied * msec.spec: 0.18-4mdk -2002-02-05 21:07 Frederic Lepied +2002-02-05 15:07 Frederic Lepied * share/msec.py: add a delay in passowrd change before desactiving. -2002-02-05 20:52 Frederic Lepied +2002-02-05 14:52 Frederic Lepied * share/libmsec.py: handle allowed delay in password changing. -2002-02-05 17:48 Frederic Lepied +2002-02-05 11:48 Frederic Lepied * share/libmsec.py: use true/false for Browser value in gdm.conf -2002-02-05 05:19 Frederic Lepied +2002-02-04 23:19 Frederic Lepied * msec.spec: 0.18-3mdk -2002-02-05 05:14 Frederic Lepied +2002-02-04 23:14 Frederic Lepied * share/ConfigFile.py: (exists): add an extra arg to really test if the file exists (without testing if the file + suffix exists). -2002-02-05 05:12 Frederic Lepied +2002-02-04 23:12 Frederic Lepied * share/msec.py: handle the extra arg for allow_x_connections. -2002-02-05 05:11 Frederic Lepied +2002-02-04 23:11 Frederic Lepied * share/libmsec.py: corrected issue moving (only when really present). @@ -511,92 +759,92 @@ (allow_x_connections): add an extra argument to control if the X server listens on tcp port. -2002-02-05 04:53 Frederic Lepied +2002-02-04 22:53 Frederic Lepied * share/Perms.py: removed debugging trace. -2002-02-05 04:09 Frederic Lepied +2002-02-04 22:09 Frederic Lepied * share/msec: pass the same options used for msec.py to Perms.py -2002-02-05 04:07 Frederic Lepied +2002-02-04 22:07 Frederic Lepied * conf/perm.4: put /etc/hosts.{allow,deny,equiv} in the daemon group -2002-02-05 04:06 Frederic Lepied +2002-02-04 22:06 Frederic Lepied * Makefile: don't commit in the Makefile -2002-02-05 04:05 Frederic Lepied +2002-02-04 22:05 Frederic Lepied * conf/perm.5: put /etc/hosts.{allow,deny,equiv} -2002-02-05 04:04 Frederic Lepied +2002-02-04 22:04 Frederic Lepied * share/Perms.py: process the options like msec to be able to log the same way. -2002-02-05 04:03 Frederic Lepied +2002-02-04 22:03 Frederic Lepied * man/C/msec.8: Linux-Mandrake => Mandrake Linux remove references to the custom level -2002-02-05 03:37 Frederic Lepied +2002-02-04 21:37 Frederic Lepied * cron-sh/security_check.sh: corrected typo -2002-02-05 03:34 Frederic Lepied +2002-02-04 21:34 Frederic Lepied * cron-sh/security_check.sh: back to nogroup -2002-02-05 02:23 Frederic Lepied +2002-02-04 20:23 Frederic Lepied * cron-sh/security_check.sh: use nobody instead of nogroup -2002-02-04 04:27 Frederic Lepied +2002-02-03 22:27 Frederic Lepied * cron-sh/security_check.sh: added .ssh/id_dsa .ssh/id_rsa to the list of files to check. -2002-02-04 04:26 Frederic Lepied +2002-02-03 22:26 Frederic Lepied * cron-sh/security.sh: don't report /tmp and /var/tmp as word writable dirs (it's normal) -2002-02-02 06:20 Frederic Lepied +2002-02-02 00:20 Frederic Lepied * share/Makefile: create the man page for mseclib -2002-02-02 06:20 Frederic Lepied +2002-02-02 00:20 Frederic Lepied * share/man.py: first version -2002-01-29 06:22 Frederic Lepied +2002-01-29 00:22 Frederic Lepied * msec.spec: 0.18-2mdk -2002-01-29 06:22 Frederic Lepied +2002-01-29 00:22 Frederic Lepied * share/libmsec.py: password aging for root too. -2002-01-29 04:32 Frederic Lepied +2002-01-28 22:32 Frederic Lepied * cron-sh/diff_check.sh: changed the wording for the rpm-va changes. -2002-01-29 03:20 Frederic Lepied +2002-01-28 21:20 Frederic Lepied * conf/perm.4: the snf mod are not needed -2002-01-29 03:19 Frederic Lepied +2002-01-28 21:19 Frederic Lepied * share/msec.py: new option: server_level to set a different server_level from the secure_level. For example the snf will be in secure_level 4 and server_level snf. -2002-01-29 03:19 Frederic Lepied +2002-01-28 21:19 Frederic Lepied * share/libmsec.py: handle /etc/security/msec/server symlink through create_server_link(). @@ -604,152 +852,152 @@ enable_security_check: register daily cron in /etc/cron.daily instead of /etc/cron.d. -2002-01-28 19:41 Frederic Lepied +2002-01-28 13:41 Frederic Lepied * share/msec.py: report msec instead of msec.py in the error messages. -2002-01-28 19:09 Frederic Lepied +2002-01-28 13:09 Frederic Lepied * conf/: perm.1, perm.2, perm.3, perm.5, perm.snf: made mandrake_consmap 644 (Andrej) -2002-01-28 19:08 Frederic Lepied +2002-01-28 13:08 Frederic Lepied * conf/perm.4: merged diff with snf. -2002-01-28 17:25 florin +2002-01-28 11:25 Florin Grad * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: change sendmail ownership -2002-01-28 15:52 Frederic Lepied +2002-01-28 09:52 Frederic Lepied * cron-sh/diff_check.sh: report too the date and the hostname when the report is empty. -2002-01-27 08:07 Frederic Lepied +2002-01-27 02:07 Frederic Lepied * msec.spec: 0.18-1mdk -2002-01-27 08:06 Frederic Lepied +2002-01-27 02:06 Frederic Lepied * Makefile: clean in share too -2002-01-27 04:09 Frederic Lepied +2002-01-26 22:09 Frederic Lepied * share/msec.py: use mseclib to have a way to process a config file before really doing the changes. -2002-01-27 04:08 Frederic Lepied +2002-01-26 22:08 Frederic Lepied * share/libmsec.py: regroup the on/off funtions in uniq ones with an arg to decide on/off. -2002-01-27 04:05 Frederic Lepied +2002-01-26 22:05 Frederic Lepied * share/: shadow.py, Makefile: first version -2002-01-22 21:28 Frederic Lepied +2002-01-22 15:28 Frederic Lepied * msec.spec: clean before installing and don't install init.sh man pages anymore. -2002-01-22 21:27 Frederic Lepied +2002-01-22 15:27 Frederic Lepied * Makefile: don't put .bz2 archive in source for localcopy. -2002-01-22 21:14 Frederic Lepied +2002-01-22 15:14 Frederic Lepied * msec.spec: 0.17-15mdk -2002-01-22 21:14 Frederic Lepied +2002-01-22 15:14 Frederic Lepied * share/CHANGES: more doc -2002-01-22 21:12 Frederic Lepied +2002-01-22 15:12 Frederic Lepied * cron-sh/security.sh, cron-sh/security_check.sh, share/msec.py: experimental chkrootkit check. -2002-01-22 20:23 Frederic Lepied +2002-01-22 14:23 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: corrected errors reported by Pierre Fortin's script -2002-01-22 20:21 Frederic Lepied +2002-01-22 14:21 Frederic Lepied * man/: C/init.sh.8, fr/init.sh.8: removed init-sh man page -2002-01-22 03:58 Frederic Lepied +2002-01-21 21:58 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3: corrected /bin/rpm path & perms -2002-01-21 17:23 Frederic Lepied +2002-01-21 11:23 Frederic Lepied * msec.spec: 0.17-14mdk -2002-01-21 17:19 Frederic Lepied +2002-01-21 11:19 Frederic Lepied * conf/: perm.3, perm.4, perm.5, perm.snf: make mandrake_consmap 755 because we it needs to be readable by everyone -2002-01-21 05:18 Frederic Lepied +2002-01-20 23:18 Frederic Lepied * msec.spec: 0.17-13mdk -2002-01-21 05:16 Frederic Lepied +2002-01-20 23:16 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: corrected mandrake_consmap permissions and ping path/permissions. -2002-01-21 05:14 Frederic Lepied +2002-01-20 23:14 Frederic Lepied * share/CHANGES: document 0.17-13mdk changes -2002-01-21 05:11 Frederic Lepied +2002-01-20 23:11 Frederic Lepied * cron-sh/diff_check.sh: mail even when the log is empty to signify that the check is fine. -2002-01-21 05:07 Frederic Lepied +2002-01-20 23:07 Frederic Lepied * share/msec.py: log the start of the program in interactive mode. -2002-01-21 05:06 Frederic Lepied +2002-01-20 23:06 Frederic Lepied * share/Perms.py: allow current to be specified for permissions too. protect and log errors in os calls. -2002-01-21 05:05 Frederic Lepied +2002-01-20 23:05 Frederic Lepied * share/Log.py: log errors. -2002-01-21 05:04 Frederic Lepied +2002-01-20 23:04 Frederic Lepied * share/ConfigFile.py: protect and log errors on os calls. -2002-01-21 05:03 Frederic Lepied +2002-01-20 23:03 Frederic Lepied * Makefile: corrected clean rule -2002-01-21 05:03 Frederic Lepied +2002-01-20 23:03 Frederic Lepied * init-sh/cleanold.sh: don't create groups (rely on setup). -2002-01-18 00:33 Stefan Siegel +2002-01-17 18:33 Stefan Siegel * init-sh/cleanold.sh: use "groupadd -g" to ensure the groupid provided by latest setup package -2002-01-17 22:21 Frederic Lepied +2002-01-17 16:21 Frederic Lepied * share/msec.py: corrected password_length mismatch. -2002-01-17 20:56 Frederic Lepied +2002-01-17 14:56 Frederic Lepied * Makefile, msec.sh, msec.spec, conf/perm.0, conf/perm.1, conf/perm.2, conf/perm.3, conf/perm.4, conf/perm.5, conf/perm.snf, @@ -759,455 +1007,455 @@ share/Perms.py, share/README, share/compile.py, share/libmsec.py, share/msec, share/msec.py: 0.17 -2002-01-17 18:22 Stefan Siegel +2002-01-17 12:22 Stefan Siegel * init-sh/: lib.sh, lib.sh.usermode: use "groupadd -g" to ensure the groupid provided by latest setup package -2001-12-05 12:32 florin +2001-12-05 06:32 Florin Grad * msec.spec: typo error -2001-12-05 12:09 florin +2001-12-05 06:09 Florin Grad * msec.spec: create the /etc/sysconfig/ directory -2001-12-05 12:06 florin +2001-12-05 06:06 Florin Grad * msec.csh: fix the tests, thx to Konrad Bernlohr -2001-12-05 12:01 florin +2001-12-05 06:01 Florin Grad * msec.spec: changelog for 4mdk and use %{_sysconfdir}/sysconfig/msec instead of %{_sysconfdir}/msec -2001-12-05 04:52 Frederic Lepied +2001-12-04 22:52 Frederic Lepied * msec.sh: test the existence of /etc/sysconfig/msec before sourcing it. -2001-12-02 07:52 Frederic Lepied +2001-12-02 01:52 Frederic Lepied * conf/: server.4, server.5: snort => snortd -2001-12-02 07:52 Frederic Lepied +2001-12-02 01:52 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: added default owners of /var/log/{news,snort,uucp} -2001-12-02 07:03 Frederic Lepied +2001-12-02 01:03 Frederic Lepied * msec.spec: 0.16-3mdk -2001-12-02 07:03 Frederic Lepied +2001-12-02 01:03 Frederic Lepied * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, levelsnf.sh: added sysctl.conf, host.conf and /etc/issue{.net} customization. -2001-12-02 06:59 Frederic Lepied +2001-12-02 00:59 Frederic Lepied * conf/: server.4, server.5: added firewall and IDS to the list. -2001-12-02 06:58 Frederic Lepied +2001-12-02 00:58 Frederic Lepied * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, perm.snf: customize rpm progs and /usr/share/doc permissions. -2001-12-02 06:56 Frederic Lepied +2001-12-02 00:56 Frederic Lepied * msec.csh: sed black magic to read /etc/sysconfig/msec and translate sh variables in csh ones. -2001-12-02 06:55 Frederic Lepied +2001-12-02 00:55 Frederic Lepied * init-sh/custom.sh: libsafe.so.1.3 => libsafe.so.2 -2001-12-02 06:54 Frederic Lepied +2001-12-02 00:54 Frederic Lepied * init-sh/lib.sh: added LoadSysctl, RemoveIssue, RemoveIssueNet, RestoreIssues functions. -2001-12-02 05:32 Frederic Lepied +2001-12-01 23:32 Frederic Lepied * Makefile: corrected clean rule -2001-11-30 14:22 florin +2001-11-30 08:22 Florin Grad * msec.spec: 0.16-3mdk Changelog -2001-11-30 14:15 florin +2001-11-30 08:15 Florin Grad * msec.spec: update the changelog message in the 0.16-3mdk -2001-11-30 14:13 florin +2001-11-30 08:13 Florin Grad * msec.spec: update the post message -2001-11-30 13:32 florin +2001-11-30 07:32 Florin Grad * init-sh/levelsnf.sh: allow the ssh connexions from everywhere -2001-11-29 18:33 florin +2001-11-29 12:33 Florin Grad * msec.csh: sysconfig file -2001-11-29 18:32 florin +2001-11-29 12:32 Florin Grad * msec.sh: source the sysconfig file -2001-11-29 18:30 florin +2001-11-29 12:30 Florin Grad * msec.sh: add SECURE LEVEL -2001-11-29 18:23 florin +2001-11-29 12:23 Florin Grad * init-sh/lib.sh: bring back the cleaning of the profile files in order to make an update work -2001-11-29 18:11 florin +2001-11-29 12:11 Florin Grad * init-sh/level5.sh: fix a typo error space in ldpreload condition if -2001-11-29 18:04 florin +2001-11-29 12:04 Florin Grad * init-sh/levelsnf.sh: typo error in SECURE_LEVEL -2001-11-29 17:56 florin +2001-11-29 11:56 Florin Grad * msec.spec: create the entries for the %{_sysconfdir}/%{name} file -2001-11-29 17:50 florin +2001-11-29 11:50 Florin Grad * msec.csh: remove the sysconfig/source -2001-11-29 17:50 florin +2001-11-29 11:50 Florin Grad * msec.sh: remove the source of sysconfig/msec -2001-11-29 15:24 florin +2001-11-29 09:24 Florin Grad * init-sh/lib.sh: clean sysconfig/msec -2001-11-29 15:15 florin +2001-11-29 09:15 Florin Grad * init-sh/custom.sh: remove the profile.d comment -2001-11-29 15:12 florin +2001-11-29 09:12 Florin Grad * msec.spec: fix changelog for 3mdk -2001-11-29 15:12 florin +2001-11-29 09:12 Florin Grad * msec.spec: 3mdk -2001-11-29 14:39 florin +2001-11-29 08:39 Florin Grad * init-sh/lib.sh: clean the entries related to the profile.d/msec*sh files -2001-11-29 14:38 florin +2001-11-29 08:38 Florin Grad * init-sh/levelsnf.sh: clean the comment related to the profile.d dir -2001-11-29 14:37 florin +2001-11-29 08:37 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: remove the comments related to profile.d -2001-11-29 14:33 florin +2001-11-29 08:33 Florin Grad * init-sh/level5.sh: sysconfig/msec support -2001-11-29 14:30 florin +2001-11-29 08:30 Florin Grad * init-sh/custom.sh: add the sysconfig/msec support -2001-11-29 14:26 florin +2001-11-29 08:26 Florin Grad * init-sh/levelsnf.sh: add sysconfig/msec support -2001-11-28 16:39 florin +2001-11-28 10:39 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: add the /etc/sysconfig/mesc support for UMASK -2001-11-28 16:14 florin +2001-11-28 10:14 Florin Grad * msec.csh, msec.sh: source the /etc/sysconfig/msec file -2001-11-28 15:16 florin +2001-11-28 09:16 Florin Grad * init-sh/custom.sh: add the support to the profile.d files -2001-11-08 17:35 florin +2001-11-08 11:35 Florin Grad * msec.spec: typo error in post script -2001-11-08 17:23 florin +2001-11-08 11:23 Florin Grad * msec.spec: update post section and modify the changelog -2001-11-08 16:37 florin +2001-11-08 10:37 Florin Grad * init-sh/msec: typo error -2001-11-08 16:26 florin +2001-11-08 10:26 Florin Grad * init-sh/msec: new entries for snf -2001-11-08 16:25 florin +2001-11-08 10:25 Florin Grad * msec.spec: new version -2001-11-08 16:23 florin +2001-11-08 10:23 Florin Grad * init-sh/grpuser.sh: new support for snf -2001-11-08 12:21 florin +2001-11-08 06:21 Florin Grad * msec.spec: 32 mdk -2001-11-08 12:17 florin +2001-11-08 06:17 Florin Grad * init-sh/lib.sh: add snf in RootSshLogin function -2001-11-08 12:12 florin +2001-11-08 06:12 Florin Grad * init-sh/levelsnf.sh, conf/perm.snf: [no log message] -2001-11-07 16:38 florin +2001-11-07 10:38 Florin Grad * msec.spec: make rpmlint happy and add Url tag -2001-11-07 16:36 florin +2001-11-07 10:36 Florin Grad * msec.spec: Mandrake Linux -2001-11-07 16:28 florin +2001-11-07 10:28 Florin Grad * conf/server.snf: new snf level -2001-11-07 16:28 florin +2001-11-07 10:28 Florin Grad * conf/server.4: back to the old 4 level -2001-11-07 16:26 florin +2001-11-07 10:26 Florin Grad * msec.spec: changelog enrtry in 31mdk -2001-11-07 16:25 florin +2001-11-07 10:25 Florin Grad * init-sh/levelsnf.sh: nex snf level -2001-11-07 16:15 florin +2001-11-07 10:15 Florin Grad * init-sh/msec: add snf entry in usage -2001-11-07 16:11 florin +2001-11-07 10:11 Florin Grad * conf/: perm.3, perm.4, perm.5, perm.snf: new entry -2001-11-07 15:31 florin +2001-11-07 09:31 Florin Grad * conf/server.4: add named in authorized servers for level 4 -2001-11-07 15:29 florin +2001-11-07 09:29 Florin Grad * msec.spec: changelog for 31mdk -2001-11-07 15:26 florin +2001-11-07 09:26 Florin Grad * conf/server.4: add some servers in level 4 -2001-11-07 15:03 florin +2001-11-07 09:03 Florin Grad * msec.spec: new modifs -2001-11-07 15:02 florin +2001-11-07 09:02 Florin Grad * conf/: perm.3, perm.4, perm.5: add monitoring permissions -2001-11-07 14:58 florin +2001-11-07 08:58 Florin Grad * conf/: perm.3, perm.4, perm.5: add the right permissions for naat packages -2001-11-07 14:33 florin +2001-11-07 08:33 Florin Grad * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5, server.4: modify the squid permissions and add naat-backend permissions -2001-10-03 15:07 florin +2001-10-03 09:07 Florin Grad * init-sh/: level4.sh, level5.sh: remove the touch ld.so.preload as we're doing it in lib.sh -2001-10-03 15:06 florin +2001-10-03 09:06 Florin Grad * init-sh/lib.sh: touch ld.so.preload before cleaning -2001-10-03 14:58 florin +2001-10-03 08:58 Florin Grad * msec.csh, msec.sh: first add -2001-10-03 14:52 florin +2001-10-03 08:52 Florin Grad * msec.spec, init-sh/level4.sh, init-sh/level5.sh: libsafe.so.2 -2001-10-03 14:51 florin +2001-10-03 08:51 Florin Grad * init-sh/lib.sh: add print in CleanRules -2001-10-03 14:50 florin +2001-10-03 08:50 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: libsafe.so.2 in levels 4/5 and remove the . in PATH -2001-09-29 16:05 florin +2001-09-29 10:05 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: add \n -2001-09-29 15:58 florin +2001-09-29 09:58 Florin Grad * init-sh/lib.sh: remove or print -2001-09-29 15:46 florin +2001-09-29 09:46 Florin Grad * man/C/: init.sh.8, msec.8: date -2001-09-29 15:44 florin +2001-09-29 09:44 Florin Grad * msec.spec: date in 30mdk -2001-09-29 15:42 florin +2001-09-29 09:42 Florin Grad * init-sh/lib.sh: add the E in grep in AddRules -2001-09-29 15:41 florin +2001-09-29 09:41 Florin Grad * msec.spec: 30mdk man changelog -2001-09-29 15:40 florin +2001-09-29 09:40 Florin Grad * msec.spec: 30mdk changelog -2001-09-29 15:38 florin +2001-09-29 09:38 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: PATH modifs -2001-09-29 15:34 florin +2001-09-29 09:34 Florin Grad * init-sh/lib.sh: bring back the or print in CleanRules -2001-09-29 15:23 florin +2001-09-29 09:23 Florin Grad * man/C/: init.sh.8, msec.8: update the doc path -2001-09-27 17:23 florin +2001-09-27 11:23 Florin Grad * init-sh/lib.sh: remove the or print part in the perl line in CleanRules -2001-09-27 17:22 florin +2001-09-27 11:22 Florin Grad * msec.spec: date in 30mdk changelog -2001-09-27 17:21 florin +2001-09-27 11:21 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: move from profile ro the profile.d/msec.{sh,csh} entries -2001-09-27 17:14 florin +2001-09-27 11:14 Florin Grad * msec.spec: add a changelog entry in the 30mdk -2001-09-26 16:25 florin +2001-09-26 10:25 Florin Grad * msec.spec: add an entry in the 30 mdk changelog -2001-09-26 16:24 florin +2001-09-26 10:24 Florin Grad * init-sh/lib.sh: remove the -E option in the AddRules grep -2001-09-26 15:48 florin +2001-09-26 09:48 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: typo errors -2001-09-26 14:35 florin +2001-09-26 08:35 Florin Grad * init-sh/lib.sh: CleanRules for /etc/profile and /etc/zprofile -2001-09-26 14:20 florin +2001-09-26 08:20 Florin Grad * msec.spec: 30mdk -2001-09-26 14:10 florin +2001-09-26 08:10 Florin Grad * init-sh/: level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: comment for profile.d section -2001-09-26 14:07 florin +2001-09-26 08:07 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: use profile.d/* files instead of /etc/{z}profile -2001-09-26 12:03 florin +2001-09-26 06:03 Florin Grad * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: use profile.d/ files instead of profile -2001-09-20 18:05 florin +2001-09-20 12:05 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: typo for /etc/profile.d/*csh -2001-09-20 17:54 florin +2001-09-20 11:54 Florin Grad * init-sh/level2.sh: typo in profile.d entries -2001-09-20 17:43 florin +2001-09-20 11:43 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: profile.d entries -2001-09-20 17:36 florin +2001-09-20 11:36 Florin Grad * init-sh/lib.sh.usermode: remove the /etc/profile entries -2001-09-20 17:35 florin +2001-09-20 11:35 Florin Grad * init-sh/lib.sh: remove the /etc/profile entries and use /etc/profile.d/msec*sh|csh instead -2001-09-20 17:28 florin +2001-09-20 11:28 Florin Grad * msec.spec: /etc/profile.d*sh|csh entries -2001-09-20 15:43 florin +2001-09-20 09:43 Florin Grad * conf/: server.4, server.5: add the usb service -2001-09-20 15:42 florin +2001-09-20 09:42 Florin Grad * msec.spec: authorize the usb service in 4/5 levels of security -2001-09-19 19:00 yoann +2001-09-19 13:00 Yoann Vandoorselaere * msec.spec: Require /bin/touch -2001-09-19 15:37 florin +2001-09-19 09:37 Florin Grad * msec.spec: source2 is msec.logrotate and not msec -2001-09-19 14:32 yoann +2001-09-19 08:32 Yoann Vandoorselaere * msec.spec, init-sh/level0.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, @@ -1217,98 +1465,98 @@ read. - Keep the output of the SECURE_LEVEL in /etc/profile and /etc/zprofile. -2001-09-19 14:28 florin +2001-09-19 08:28 Florin Grad * msec.spec: 25mdk -2001-09-19 14:21 florin +2001-09-19 08:21 Florin Grad * conf/server.4: sshd entry -2001-09-19 14:20 florin +2001-09-19 08:20 Florin Grad * conf/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: squidGuard entries -2001-09-19 14:16 florin +2001-09-19 08:16 Florin Grad * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, lib.sh, lib.sh.usermode: RootSshLogin -2001-09-19 14:00 florin +2001-09-19 08:00 Florin Grad * doc/security.txt: there are no */init-sh/ directories in the rpm msec -2001-09-19 13:30 yoann +2001-09-19 07:30 Yoann Vandoorselaere * msec.spec, msec.spec: [no log message] -2001-09-19 13:18 yoann +2001-09-19 07:18 Yoann Vandoorselaere * msec.spec: [no log message] -2001-09-19 11:37 yoann +2001-09-19 05:37 Yoann Vandoorselaere * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, lib.sh: [no log message] -2001-09-17 19:14 Daouda Lo +2001-09-17 13:14 Daouda Lo * msec.logrotate: logrotate file -2001-09-17 18:44 Daouda Lo +2001-09-17 12:44 Daouda Lo * msec.spec: del doc/* -2001-09-17 18:42 Daouda Lo +2001-09-17 12:42 Daouda Lo * msec.spec: comment doc/*.8 -2001-09-17 18:35 Daouda Lo +2001-09-17 12:35 Daouda Lo * msec.spec: fix kdm sec hole at level 4 (displayin users) -2001-09-17 18:32 Daouda Lo +2001-09-17 12:32 Daouda Lo * init-sh/lib.sh: -fix users display in level up to 4 (kdm) -2001-09-14 18:14 florin +2001-09-14 12:14 Florin Grad * conf/: perm.2, perm.3, perm.5: /var/log/squid permisssions -2001-09-14 18:13 florin +2001-09-14 12:13 Florin Grad * conf/: perm.0, perm.1, perm.4: /var/log/squid permisssion -2001-09-14 18:12 florin +2001-09-14 12:12 Florin Grad * msec.spec: /var/log/squid permissions -2001-09-03 03:24 Pablo Saratxaga +2001-09-02 21:24 Pablo Saratxaga * Makefile, msec.spec, doc/init.sh.8, doc/msec.8, man/C/init.sh.8, man/C/msec.8, man/fr/init.sh.8: moved man pages to man/C, added French man page -2001-08-09 11:02 Frederic Lepied +2001-08-09 05:02 Frederic Lepied * msec.spec: 0.15-18mdk -2001-08-09 11:00 Frederic Lepied +2001-08-09 05:00 Frederic Lepied * Makefile: add rules to build test and release rpms. -2001-08-09 10:48 Frederic Lepied +2001-08-09 04:48 Frederic Lepied * init-sh/: custom.sh, level0.sh, level1.sh, level2.sh, level3.sh, level4.sh: added vc/[1-6] to securetty (devfs) -2001-08-09 10:47 Frederic Lepied +2001-08-09 04:47 Frederic Lepied * conf/perm.4: made securetty entry compliant with other perm.* -2001-08-09 10:10 Frederic Lepied +2001-08-09 04:10 Frederic Lepied * Makefile, TODO, msec.spec, conf/perm.0, conf/perm.1, conf/perm.2, conf/perm.3, conf/perm.4, conf/perm.5, conf/server.4, @@ -1318,145 +1566,145 @@ init-sh/level5.sh, init-sh/lib.sh, init-sh/lib.sh.usermode: merge back 0.15-17mdk in CVS -2000-05-17 15:38 yoann +2000-05-17 09:38 Yoann Vandoorselaere * init-sh/: custom.sh, level4.sh, level5.sh: [no log message] -2000-05-17 12:45 yoann +2000-05-17 06:45 Yoann Vandoorselaere * init-sh/: custom.sh, level4.sh, level5.sh: [no log message] -2000-05-03 14:39 yoann +2000-05-03 08:39 Yoann Vandoorselaere * msec.spec, init-sh/custom.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/lib.sh, msec.spec, msec.spec, msec.spec: [no log message] -2000-04-25 14:04 yoann +2000-04-25 08:04 Yoann Vandoorselaere * msec.spec, Makefile, msec.spec: [no log message] -2000-04-25 14:01 yoann +2000-04-25 08:01 Yoann Vandoorselaere * Makefile, msec.spec, init-sh/lib.sh: [no log message] -2000-04-24 23:01 Pixel +2000-04-24 17:01 Pixel * msec.spec, conf/perm.0, conf/perm.1, conf/perm.2, conf/perm.3, conf/perm.4: no_comment -2000-04-19 13:04 yoann +2000-04-19 07:04 Yoann Vandoorselaere * Makefile, msec.spec, init-sh/lib.sh: [no log message] -2000-04-19 12:06 yoann +2000-04-19 06:06 Yoann Vandoorselaere * init-sh/lib.sh, msec.spec, init-sh/lib.sh: [no log message] -2000-04-19 11:54 yoann +2000-04-19 05:54 Yoann Vandoorselaere * init-sh/: custom.sh, level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, lib.sh: [no log message] -2000-04-18 18:30 yoann +2000-04-18 12:30 Yoann Vandoorselaere * init-sh/custom.sh, src/msec_find/find.c, msec.spec: [no log message] -2000-04-18 16:36 yoann +2000-04-18 10:36 Yoann Vandoorselaere * init-sh/: level3.sh, level4.sh, level5.sh: [no log message] -2000-04-17 18:19 yoann +2000-04-17 12:19 Yoann Vandoorselaere * msec.spec: [no log message] -2000-04-17 17:25 yoann +2000-04-17 11:25 Yoann Vandoorselaere * msec.spec, src/msec_find/find.c: [no log message] -2000-04-17 16:27 yoann +2000-04-17 10:27 Yoann Vandoorselaere * msec.spec, conf/perm.0, conf/perm.1, conf/perm.2, conf/perm.3, conf/perm.4, conf/perm.5, init-sh/file_perm.sh: [no log message] -2000-04-17 16:14 yoann +2000-04-17 10:14 Yoann Vandoorselaere * msec.spec, init-sh/file_perm.sh: [no log message] -2000-04-17 16:07 yoann +2000-04-17 10:07 Yoann Vandoorselaere * conf/perm.5: [no log message] -2000-04-17 15:55 yoann +2000-04-17 09:55 Yoann Vandoorselaere * Makefile, msec.spec, doc/msec.8, doc/msec.lyx: [no log message] -2000-04-14 18:35 yoann +2000-04-14 12:35 Yoann Vandoorselaere * init-sh/: custom.sh, level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: [no log message] -2000-03-22 18:44 yoann +2000-03-22 12:44 Yoann Vandoorselaere * README, init-sh/custom.sh: [no log message] -2000-03-22 18:37 yoann +2000-03-22 12:37 Yoann Vandoorselaere * README, init-sh/custom.sh, init-sh/level5.sh, init-sh/lib.sh, init-sh/custom.sh, Makefile, msec.spec: [no log message] -2000-03-22 17:59 yoann +2000-03-22 11:59 Yoann Vandoorselaere * conf/perm.5: [no log message] -2000-03-19 19:41 yoann +2000-03-19 13:41 Yoann Vandoorselaere * cron-sh/security.sh, src/msec_find/find.c: [no log message] -2000-03-19 17:10 yoann +2000-03-19 11:10 Yoann Vandoorselaere * msec.spec, cron-sh/security.sh, src/msec_find/find.c: [no log message] -2000-03-09 14:52 yoann +2000-03-09 08:52 Yoann Vandoorselaere * msec.spec: [no log message] -2000-03-09 14:42 yoann +2000-03-09 08:42 Yoann Vandoorselaere * msec.spec, init-sh/custom.sh, src/msec_find/find.c: [no log message] -2000-03-08 15:44 yoann +2000-03-08 09:44 Yoann Vandoorselaere * Makefile, msec.spec, src/msec_find/Makefile, src/promisc_check/Makefile: [no log message] -2000-03-08 15:25 yoann +2000-03-08 09:25 Yoann Vandoorselaere * msec.spec, Makefile, msec.spec: [no log message] -2000-03-08 15:19 yoann +2000-03-08 09:19 Yoann Vandoorselaere * Makefile, init-sh/msec: [no log message] -2000-03-08 15:01 yoann +2000-03-08 09:01 Yoann Vandoorselaere * Makefile, msec.spec, cron-sh/security.sh, init-sh/custom.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/msec, src/msec_find/Makefile, src/msec_find/find.c: [no log message] -2000-03-07 18:03 yoann +2000-03-07 12:03 Yoann Vandoorselaere * msec.spec, init-sh/msec: [no log message] -2000-03-07 17:50 yoann +2000-03-07 11:50 Yoann Vandoorselaere * Makefile, msec.spec, init-sh/level0.sh, msec.spec: [no log message] -2000-03-07 17:45 yoann +2000-03-07 11:45 Yoann Vandoorselaere * Makefile, conf/perm.0, conf/perm.1, conf/perm.2, conf/perm.3, conf/perm.4, conf/perm.5, conf/server.4, conf/server.5, @@ -1468,362 +1716,362 @@ init-sh/perm.5, init-sh/server.4, init-sh/server.5: [no log message] -2000-03-07 15:39 yoann +2000-03-07 09:39 Yoann Vandoorselaere * cron-sh/security_check.sh, init-sh/perm.4, init-sh/perm.5: [no log message] -2000-02-17 12:29 yoann +2000-02-17 06:29 Yoann Vandoorselaere * init-sh/: perm.4, perm.5: [no log message] -2000-02-17 11:07 yoann +2000-02-17 05:07 Yoann Vandoorselaere * init-sh/: perm.4, perm.5: [no log message] -2000-01-21 01:46 yoann +2000-01-20 19:46 Yoann Vandoorselaere * init-sh/grpuser.sh: [no log message] -2000-01-18 09:57 yoann +2000-01-18 03:57 Yoann Vandoorselaere * msec.spec: [no log message] -2000-01-13 10:08 yoann +2000-01-13 04:08 Yoann Vandoorselaere * msec.spec, init-sh/custom.sh: [no log message] -2000-01-06 15:27 yoann +2000-01-06 09:27 Yoann Vandoorselaere * msec.spec, cron-sh/security.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: [no log message] -2000-01-06 14:35 camille +2000-01-06 08:35 Camille Bégnis * doc/: msec.lyx, msec.ps: re-mistake... -2000-01-06 14:24 camille +2000-01-06 08:24 Camille Bégnis * doc/: msec.lyx, msec.ps: Added friendly level names Corrected a mistake -2000-01-06 14:14 yoann +2000-01-06 08:14 Yoann Vandoorselaere * init-sh/level0.sh, msec.spec: [no log message] -2000-01-04 14:10 camille +2000-01-04 08:10 Camille Bégnis * doc/: msec.lyx, msec.ps: Added "root shutdown" feature. -2000-01-04 13:37 yoann +2000-01-04 07:37 Yoann Vandoorselaere * doc/security.txt, init-sh/custom.sh, msec.spec: [no log message] -2000-01-04 11:25 yoann +2000-01-04 05:25 Yoann Vandoorselaere * init-sh/: level0.sh, perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: [no log message] -2000-01-03 11:41 yoann +2000-01-03 05:41 Yoann Vandoorselaere * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: [no log message] -1999-12-29 14:24 yoann +1999-12-29 08:24 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-29 14:21 Chmouel Boudjnah +1999-12-29 08:21 Chmouel Boudjnah * Makefile, msec.spec: "Seethechangelog" -1999-12-29 14:18 yoann +1999-12-29 08:18 Yoann Vandoorselaere * doc/grpuser.8: [no log message] -1999-12-28 19:28 Chmouel Boudjnah +1999-12-28 13:28 Chmouel Boudjnah * doc/: msec.lyx, msec.ps: "Seethechangelog" -1999-12-28 19:15 Chmouel Boudjnah +1999-12-28 13:15 Chmouel Boudjnah * doc/: grpuser.8, grpuser.8.bz2, init.sh.8, init.sh.8.bz2, msec.8, msec.8.bz2: "Seethechangelog" -1999-12-28 17:13 camille +1999-12-28 11:13 Camille Bégnis * doc/: grpuser.8.bz2, init.sh.8.bz2, msec.8.bz2: Added man pages -1999-12-28 16:32 camille +1999-12-28 10:32 Camille Bégnis * doc/msec.lyx: Added latest enhancement: mail warning -1999-12-28 09:47 yoann +1999-12-28 03:47 Yoann Vandoorselaere * init-sh/level3.sh: [no log message] -1999-12-27 18:03 yoann +1999-12-27 12:03 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-27 17:31 yoann +1999-12-27 11:31 Yoann Vandoorselaere * cron-sh/: diff_check.sh, security.sh: [no log message] -1999-12-27 17:28 yoann +1999-12-27 11:28 Yoann Vandoorselaere * init-sh/level0.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, msec.spec, cron-sh/security_check.sh: [no log message] -1999-12-27 17:24 yoann +1999-12-27 11:24 Yoann Vandoorselaere * cron-sh/diff_check.sh, cron-sh/security.sh, init-sh/perm.0, init-sh/perm.1, init-sh/perm.2, init-sh/perm.3, init-sh/perm.4, init-sh/perm.5: [no log message] -1999-12-24 10:32 yoann +1999-12-24 04:32 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-23 14:05 yoann +1999-12-23 08:05 Yoann Vandoorselaere * cron-sh/diff_check.sh: typo -1999-12-22 10:27 yoann +1999-12-22 04:27 Yoann Vandoorselaere * init-sh/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: [no log message] -1999-12-22 03:41 camille +1999-12-21 21:41 Camille Bégnis * doc/msec.lyx: Added comprehensive level descriptions -1999-12-21 23:17 Pixel +1999-12-21 17:17 Pixel * msec.spec, init-sh/perm.4: no_comment -1999-12-21 23:10 Pixel +1999-12-21 17:10 Pixel * msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: no_comment -1999-12-21 23:02 Pixel +1999-12-21 17:02 Pixel * msec.spec, init-sh/lib.sh: no_comment -1999-12-20 19:28 yoann +1999-12-20 13:28 Yoann Vandoorselaere * init-sh/level5.sh: [no log message] -1999-12-20 19:03 yoann +1999-12-20 13:03 Yoann Vandoorselaere * msec.spec, init-sh/lib.sh: [no log message] -1999-12-20 18:14 yoann +1999-12-20 12:14 Yoann Vandoorselaere * init-sh/: perm.1, perm.2, perm.3: [no log message] -1999-12-20 17:56 yoann +1999-12-20 11:56 Yoann Vandoorselaere * Makefile, msec.spec, cron-sh/security.sh, cron-sh/security_check.sh: [no log message] -1999-12-20 12:52 yoann +1999-12-20 06:52 Yoann Vandoorselaere * cron-sh/security.sh, init-sh/grpuser.sh: [no log message] -1999-12-20 09:34 yoann +1999-12-20 03:34 Yoann Vandoorselaere * Makefile, init-sh/level4.sh, init-sh/level5.sh: [no log message] -1999-12-20 09:06 yoann +1999-12-20 03:06 Yoann Vandoorselaere * init-sh/: perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: [no log message] -1999-12-20 00:51 yoann +1999-12-19 18:51 Yoann Vandoorselaere * init-sh/: lib.sh, perm.0, perm.1, perm.2, perm.3, perm.4, perm.5: [no log message] -1999-12-19 23:38 Pixel +1999-12-19 17:38 Pixel * init-sh/lib.sh: [no log message] -1999-12-19 23:14 Pixel +1999-12-19 17:14 Pixel * init-sh/: lib.sh, lib.sh, lib.sh: [no log message] -1999-12-19 23:09 yoann +1999-12-19 17:09 Yoann Vandoorselaere * init-sh/: level1.sh, level2.sh: [no log message] -1999-12-19 23:01 yoann +1999-12-19 17:01 Yoann Vandoorselaere * Makefile, cron-sh/security.sh, init-sh/security.conf: [no log message] -1999-12-19 22:53 Pixel +1999-12-19 16:53 Pixel * init-sh/lib.sh: [no log message] -1999-12-19 22:36 yoann +1999-12-19 16:36 Yoann Vandoorselaere * cron-sh/security_check.sh: [no log message] -1999-12-19 22:12 Pixel +1999-12-19 16:12 Pixel * init-sh/lib.sh: [no log message] -1999-12-19 21:44 yoann +1999-12-19 15:44 Yoann Vandoorselaere * cron-sh/: diff_check.sh, security_check.sh: [no log message] -1999-12-19 21:19 yoann +1999-12-19 15:19 Yoann Vandoorselaere * cron-sh/find.sh, cron-sh/security.sh, cron-sh/security.sh, init-sh/custom.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: [no log message] -1999-12-19 21:02 yoann +1999-12-19 15:02 Yoann Vandoorselaere * cron-sh/diff_check.sh, cron-sh/find.sh, cron-sh/security_check.sh, init-sh/security.conf: [no log message] -1999-12-19 01:35 Pixel +1999-12-18 19:35 Pixel * msec.spec: no_comment -1999-12-19 01:30 Pixel +1999-12-18 19:30 Pixel * msec.spec, Makefile, msec.spec: no_comment -1999-12-18 17:08 Pixel +1999-12-18 11:08 Pixel * msec.spec, init-sh/init.sh, init-sh/lib.sh: no_comment -1999-12-17 16:22 yoann +1999-12-17 10:22 Yoann Vandoorselaere * Makefile, cron-sh/diff_check.sh, cron-sh/security_check.sh, init-sh/lib.sh, init-sh/security.conf: [no log message] -1999-12-17 15:17 yoann +1999-12-17 09:17 Yoann Vandoorselaere * cron-sh/security_check.sh: [no log message] -1999-12-16 23:21 camille +1999-12-16 17:21 Camille Bégnis * doc/msec.lyx: Added level 0 minor changes -1999-12-16 18:48 yoann +1999-12-16 12:48 Yoann Vandoorselaere * msec.spec, init-sh/level0.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/lib.sh: [no log message] -1999-12-16 17:41 yoann +1999-12-16 11:41 Yoann Vandoorselaere * msec.spec, init-sh/level0.sh, init-sh/lib.sh: [no log message] -1999-12-16 17:21 yoann +1999-12-16 11:21 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-16 17:17 yoann +1999-12-16 11:17 Yoann Vandoorselaere * Makefile, TODO, cron-sh/diff_check.sh, cron-sh/security_check.sh, init-sh/grpuser.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/lib.sh, init-sh/group.conf: [no log message] -1999-12-16 11:37 yoann +1999-12-16 05:37 Yoann Vandoorselaere * init-sh/: level1.sh, level2.sh, lib.sh: [no log message] -1999-12-16 11:32 yoann +1999-12-16 05:32 Yoann Vandoorselaere * init-sh/grpuser.sh: [no log message] -1999-12-16 03:07 Chmouel Boudjnah +1999-12-15 21:07 Chmouel Boudjnah * doc/msec.lyx: [no log message] -1999-12-15 19:04 yoann +1999-12-15 13:04 Yoann Vandoorselaere * init-sh/level0.sh: [no log message] -1999-12-15 18:35 yoann +1999-12-15 12:35 Yoann Vandoorselaere * TODO, init-sh/lib.sh: [no log message] -1999-12-15 18:19 yoann +1999-12-15 12:19 Yoann Vandoorselaere * Makefile, init-sh/grpuser, init-sh/lib.sh, init-sh/group.conf, init-sh/grpuser, init-sh/grpuser.sh, TODO: [no log message] -1999-12-15 12:13 yoann +1999-12-15 06:13 Yoann Vandoorselaere * init-sh/level0.sh: [no log message] -1999-12-15 12:05 yoann +1999-12-15 06:05 Yoann Vandoorselaere * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: [no log message] -1999-12-15 11:48 yoann +1999-12-15 05:48 Yoann Vandoorselaere * init-sh/: level0.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, lib.sh: [no log message] -1999-12-15 10:39 yoann +1999-12-15 04:39 Yoann Vandoorselaere * cron-sh/diff_check.sh, cron-sh/security_check.sh, init-sh/custom.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/lib.sh: [no log message] -1999-12-15 09:10 yoann +1999-12-15 03:10 Yoann Vandoorselaere * doc/security.txt, init-sh/level2.sh, init-sh/perm.1, init-sh/perm.2, init-sh/perm.4, init-sh/perm.5: [no log message] -1999-12-14 18:24 yoann +1999-12-14 12:24 Yoann Vandoorselaere * msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/lib.sh: [no log message] -1999-12-14 17:35 yoann +1999-12-14 11:35 Yoann Vandoorselaere * init-sh/: level1.sh, level2.sh, lib.sh: [no log message] -1999-12-14 14:40 yoann +1999-12-14 08:40 Yoann Vandoorselaere * init-sh/lib.sh: [no log message] -1999-12-14 14:10 yoann +1999-12-14 08:10 Yoann Vandoorselaere * doc/security.txt, msec.spec, init-sh/level0.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/lib.sh: [no log message] -1999-12-13 12:45 yoann +1999-12-13 06:45 Yoann Vandoorselaere * cron-sh/diff_check.sh, msec.spec: [no log message] -1999-12-10 16:28 yoann +1999-12-10 10:28 Yoann Vandoorselaere * init-sh/: level0.sh, level2.sh, level3.sh, level4.sh, level5.sh: [no log message] -1999-12-10 16:22 yoann +1999-12-10 10:22 Yoann Vandoorselaere * msec.spec, init-sh/custom.sh: [no log message] -1999-12-09 18:17 yoann +1999-12-09 12:17 Yoann Vandoorselaere * msec.spec, msec.spec: [no log message] -1999-12-09 18:16 yoann +1999-12-09 12:16 Yoann Vandoorselaere * Makefile, cron-sh/diff_check.sh, cron-sh/promisc_check.sh, cron-sh/security_check.sh, init-sh/custom.sh, init-sh/file_perm.sh, @@ -1833,156 +2081,156 @@ Should really be stable now. -1999-12-09 17:44 yoann +1999-12-09 11:44 Yoann Vandoorselaere * init-sh/: level0.sh, level1.sh, level2.sh, lib.sh: [no log message] -1999-12-09 17:20 yoann +1999-12-09 11:20 Yoann Vandoorselaere * init-sh/: level0.sh, perm.0: [no log message] -1999-12-09 16:48 yoann +1999-12-09 10:48 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-09 16:44 yoann +1999-12-09 10:44 Yoann Vandoorselaere * cron-sh/diff_check.sh, cron-sh/promisc_check.sh, cron-sh/security_check.sh, init-sh/custom.sh, init-sh/level4.sh, init-sh/lib.sh, msec.spec, msec.spec: [no log message] -1999-12-09 15:48 yoann +1999-12-09 09:48 Yoann Vandoorselaere * cron-sh/diff_check.sh, cron-sh/promisc_check.sh, cron-sh/security_check.sh, init-sh/lib.sh: [no log message] -1999-12-09 11:20 yoann +1999-12-09 05:20 Yoann Vandoorselaere * cron-sh/promisc_check.sh: [no log message] -1999-12-09 11:05 yoann +1999-12-09 05:05 Yoann Vandoorselaere * cron-sh/: diff_check.sh, security_check.sh: [no log message] -1999-12-08 18:16 yoann +1999-12-08 12:16 Yoann Vandoorselaere * cron-sh/: diff_check.sh, promisc_check.sh: [no log message] -1999-12-08 17:13 yoann +1999-12-08 11:13 Yoann Vandoorselaere * msec.spec, cron-sh/security_check.sh: [no log message] -1999-12-08 15:55 yoann +1999-12-08 09:55 Yoann Vandoorselaere * msec.spec: [no log message] -1999-12-08 13:58 yoann +1999-12-08 07:58 Yoann Vandoorselaere * init-sh/lib.sh: [no log message] -1999-12-08 13:49 yoann +1999-12-08 07:49 Yoann Vandoorselaere * init-sh/lib.sh: [no log message] -1999-12-08 13:44 yoann +1999-12-08 07:44 Yoann Vandoorselaere * init-sh/: custom.sh, level5.sh: [no log message] -1999-12-08 13:08 yoann +1999-12-08 07:08 Yoann Vandoorselaere * cron-sh/diff_check.sh, init-sh/level5.sh: [no log message] -1999-12-08 13:04 yoann +1999-12-08 07:04 Yoann Vandoorselaere * msec.spec, cron-sh/diff_check.sh, cron-sh/promisc_check.sh, cron-sh/security_check.sh, init-sh/lib.sh: [no log message] -1999-12-08 13:00 yoann +1999-12-08 07:00 Yoann Vandoorselaere * msec.spec, cron-sh/diff_check.sh, cron-sh/file_check.sh, cron-sh/security_check.sh, init-sh/custom.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/lib.sh: [no log message] -1999-12-08 11:24 yoann +1999-12-08 05:24 Yoann Vandoorselaere * init-sh/file_perm.sh: [no log message] -1999-12-08 11:04 yoann +1999-12-08 05:04 Yoann Vandoorselaere * msec.spec, init-sh/file_perm.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: [no log message] -1999-12-08 05:47 axalon +1999-12-07 23:47 axalon * cron-sh/security_check.sh: Handle usernames longer than 8 chars uses ls -n and moves a couple $1 to $3 and such blah blah -1999-12-08 03:49 Chmouel Boudjnah +1999-12-07 21:49 Chmouel Boudjnah * Makefile, msec.spec: "See_The_Changelog" -1999-12-08 03:40 Chmouel Boudjnah +1999-12-07 21:40 Chmouel Boudjnah * Makefile, msec.spec, doc/msec.spec: "See_The_Changelog" -1999-12-08 03:33 Chmouel Boudjnah +1999-12-07 21:33 Chmouel Boudjnah * Makefile: "See_The_Changelog" -1999-12-08 03:15 Chmouel Boudjnah +1999-12-07 21:15 Chmouel Boudjnah * doc/msec.spec: "See_The_Changelog" -1999-12-08 03:11 Chmouel Boudjnah +1999-12-07 21:11 Chmouel Boudjnah * cron-sh/promisc_check.sh: "See_The_Changelog" -1999-12-08 02:30 axalon +1999-12-07 20:30 axalon * cron-sh/file_check.sh: Fix the typo -1999-12-06 19:11 yoann +1999-12-06 13:11 Yoann Vandoorselaere * doc/msec.spec, init-sh/custom.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: [no log message] -1999-12-06 19:08 yoann +1999-12-06 13:08 Yoann Vandoorselaere * doc/msec.spec: [no log message] -1999-12-06 19:05 yoann +1999-12-06 13:05 Yoann Vandoorselaere * cron-sh/file_check.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, init-sh/lib.sh, cron-sh/security_check.sh: [no log message] -1999-12-06 10:01 yoann +1999-12-06 04:01 Yoann Vandoorselaere * cron-sh/file_check.sh, init-sh/perm.1, init-sh/perm.2, init-sh/perm.3, init-sh/perm.4, init-sh/perm.5: Added permission for /var/log/ and it's subdirectory -1999-12-03 15:05 yoann +1999-12-03 09:05 Yoann Vandoorselaere * init-sh/: level1.sh, level2.sh, level3.sh, level4.sh, level5.sh: Added /usr/games in PATH -1999-12-01 17:30 yoann +1999-12-01 11:30 Yoann Vandoorselaere * doc/msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/lib.sh: [no log message] -1999-12-01 16:52 yoann +1999-12-01 10:52 Yoann Vandoorselaere * doc/msec.spec: [no log message] -1999-12-01 16:51 yoann +1999-12-01 10:51 Yoann Vandoorselaere * doc/msec.spec, init-sh/file_perm.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/lib.sh: @@ -1990,26 +2238,26 @@ Ok now add the user list to audio group ( level 1 & 2 ). lib.sh delete user list from audio group -1999-12-01 15:55 yoann +1999-12-01 09:55 Yoann Vandoorselaere * init-sh/: level1.sh, level2.sh, level3.sh: Bug fix -1999-12-01 12:40 yoann +1999-12-01 06:40 Yoann Vandoorselaere * doc/msec.spec: [no log message] -1999-12-01 12:39 yoann +1999-12-01 06:39 Yoann Vandoorselaere * init-sh/: level4.sh, lib.sh: Now preserve file indentation -1999-12-01 12:10 yoann +1999-12-01 06:10 Yoann Vandoorselaere * init-sh/: level4.sh, lib.sh: [no log message] -1999-12-01 12:02 yoann +1999-12-01 06:02 Yoann Vandoorselaere * doc/msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, @@ -2017,26 +2265,26 @@ Bug fix -1999-11-30 16:47 yoann +1999-11-30 10:47 Yoann Vandoorselaere * cron-sh/file_check.sh, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh: Many cron security check added. Now report what it does ( msec ). -1999-11-29 16:06 yoann +1999-11-29 10:06 Yoann Vandoorselaere * Makefile, doc/msec.spec, init-sh/custom.sh, init-sh/init.sh, init-sh/lib.sh, doc/msec.spec: [no log message] -1999-11-29 15:18 yoann +1999-11-29 09:18 Yoann Vandoorselaere * init-sh/: custom.sh, init.sh, level1.sh, level2.sh, level3.sh, level4.sh, level5.sh, lib.sh: Uhh custom security will always be a good idea. -1999-11-29 11:09 yoann +1999-11-29 05:09 Yoann Vandoorselaere * doc/msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh, init-sh/level4.sh, init-sh/level5.sh, @@ -2044,11 +2292,11 @@ Fix a few bug. -1999-11-26 18:23 yoann +1999-11-26 12:23 Yoann Vandoorselaere * doc/msec.spec: [no log message] -1999-11-26 01:21 yoann +1999-11-25 19:21 Yoann Vandoorselaere * doc/msec.spec, init-sh/level1.sh, init-sh/level2.sh, init-sh/level3.sh: @@ -2056,14 +2304,14 @@ msec.spec: updated revision / changelog. level[12].sh: removed some unused code. level3.sh: fixed a bug -1999-11-25 21:24 yoann +1999-11-25 15:24 Yoann Vandoorselaere * doc/msec.spec, init-sh/level4.sh, init-sh/level5.sh: level[45].sh : use the new --msec option when calling chkconfig msec.spec : updated release version number -1999-11-25 20:44 yoann +1999-11-25 14:44 Yoann Vandoorselaere * AUTHORS, Makefile, COPYING, README, cron-sh/Makefile, cron-sh/file_check.sh, cron-sh/promisc_check.sh, doc/msec.spec, @@ -2073,9 +2321,9 @@ init-sh/server.5, init-sh/grpuser, init-sh/perm.1, init-sh/perm.2, init-sh/perm.3, init-sh/perm.4, init-sh/perm.5, init-sh/server.4, src/promisc_check/Makefile, src/promisc_check/promisc_check.c: - Updated source tree + Initial revision -1999-11-25 20:44 yoann +1999-11-25 14:44 Yoann Vandoorselaere * AUTHORS, Makefile, COPYING, README, cron-sh/Makefile, cron-sh/file_check.sh, cron-sh/promisc_check.sh, doc/msec.spec, @@ -2085,5 +2333,5 @@ init-sh/server.5, init-sh/grpuser, init-sh/perm.1, init-sh/perm.2, init-sh/perm.3, init-sh/perm.4, init-sh/perm.5, init-sh/server.4, src/promisc_check/Makefile, src/promisc_check/promisc_check.c: - Initial revision + Updated source tree diff --git a/msec.spec b/msec.spec index 5ff169c..92ec209 100644 --- a/msec.spec +++ b/msec.spec @@ -1,6 +1,6 @@ Summary: Security Level & Program for the Mandrake Linux distribution Name: msec -Version: 0.31.1 +Version: 0.32.1 Release: 1mdk Url: http://www.linux-mandrake.com/ Source0: %{name}-%{version}.tar.bz2 @@ -18,7 +18,6 @@ Requires: chkconfig >= 1.2.24-3mdk Requires: fileutils >= 4.1.5 Requires: iproute2 Requires: sh-utils -PreReq: rpm-helper >= 0.4 %description The Mandrake-Security package is designed to provide generic @@ -35,8 +34,6 @@ in order to test the security of your system and alert you if needed. %build make CFLAGS="$RPM_OPT_FLAGS" -cd share; make - %install rm -rf $RPM_BUILD_ROOT #make install RPM_BUILD_ROOT=$RPM_BUILD_ROOT @@ -75,9 +72,6 @@ install -m 755 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d touch $RPM_BUILD_ROOT/var/log/security.log %pre -%_pre_groupadd xgrp -%_pre_groupadd ntools -%_pre_groupadd ctools %post touch /var/log/security.log @@ -103,10 +97,6 @@ if [ $1 = 0 ]; then rm -f /etc/cron.d/msec /etc/cron.hourly/msec /etc/cron.daily/msec fi -%_postun_groupdel xgrp -%_postun_groupdel ntools -%_postun_groupdel ctools - %clean rm -rf $RPM_BUILD_ROOT @@ -133,7 +123,20 @@ rm -rf $RPM_BUILD_ROOT # MAKE THE CHANGES IN CVS: NO PATCH OR SOURCE ALLOWED + %changelog +* Fri Dec 13 2002 Frederic Lepied 0.32.1-1mdk +- don't expire passwords on level 4 +- passwd pam file is in /etc/pam.d/passwd + +* Fri Aug 9 2002 Frederic Lepied 0.32-1mdk +- do not change permissions/groups/owners of remote files/directories. +- documented the command line options in the man page +- added password_history function (level 5) +- password_length uses system-auth pam file instead of passwd pam file (added +Conflicts with the old passwd package) +- allow_remote_root_login handles the without_password argument (level 4) + * Wed Jul 31 2002 Frederic Lepied 0.31.1-1mdk - handle again level.local diff --git a/share/libmsec.py b/share/libmsec.py index b98b460..f88e2c5 100644 --- a/share/libmsec.py +++ b/share/libmsec.py @@ -915,7 +915,7 @@ UCREDIT_REGEXP = re.compile('^(password\s+required\s+/lib/security/pam_cracklib. def password_length(length, ndigits=0, nupper=0): ''' Set the password minimum length and minimum number of digit and minimum number of capitalized letters.''' - passwd = ConfigFile.get_config_file(SYSTEM_AUTH) + passwd = ConfigFile.get_config_file(PASSWD) val_length = val_ndigits = val_ucredit = 999999 diff --git a/share/msec.py b/share/msec.py index 4afc3b1..8f95836 100755 --- a/share/msec.py +++ b/share/msec.py @@ -170,7 +170,7 @@ if level >= 4: allow_reboot(no) enable_at_crontab(no) if level == 4: - password_aging(60, 30) + password_aging(99999) allow_remote_root_login(without_password) else: password_aging(30, 15) -- cgit v1.2.1