From ff31c9236b1fd7465ea9687fc735e8af882e780e Mon Sep 17 00:00:00 2001 From: Eugeni Dodonov Date: Tue, 6 Jan 2009 21:31:46 +0000 Subject: Updated to working version of new msec. Conflicts: Makefile cron-sh/security_check.sh share/msec.py --- conf/perm.secure | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 conf/perm.secure (limited to 'conf/perm.secure') diff --git a/conf/perm.secure b/conf/perm.secure new file mode 100644 index 0000000..159a933 --- /dev/null +++ b/conf/perm.secure @@ -0,0 +1,97 @@ +# Welcome in Level 2 +### +/ root.adm 755 +/bin/ root.adm 755 +/bin/ping root.ntools 4750 +/bin/rpm rpm.rpm 750 +/boot/ root.ctools 710 +/dev/ root.root 755 +/etc/ root.adm 755 +/etc/conf.modules root.adm 640 +/etc/cron.daily/ root.adm 750 +/etc/cron.hourly/ root.adm 750 +/etc/cron.monthly/ root.adm 750 +/etc/cron.weekly/ root.adm 750 +/etc/crontab root.adm 640 +/etc/dhcpcd/ root.adm 750 +/etc/dhcpcd/* root.adm 640 +/etc/ftpaccess root.adm 640 +/etc/ftpconversions root.adm 640 +/etc/ftpgroups root.adm 640 +/etc/ftphosts root.adm 640 +/etc/ftpusers root.adm 640 +/etc/gettydefs root.adm 640 +/etc/hosts.allow root.daemon 644 +/etc/hosts.deny root.daemon 644 +/etc/hosts.equiv root.daemon 640 +/etc/httpd/modules.d/*.conf root.adm 640 +/etc/httpd/conf/*.conf root.adm 640 +/etc/httpd/conf/addon-modules/* root.adm 640 +/etc/httpd/conf/vhosts.d/* root.adm 640 +/etc/httpd/conf/webapps.d/* root.adm 640 +/etc/inetd.conf root.adm 640 +/etc/inittab root.adm 640 +/etc/ld.so.conf root.ctools 640 +/etc/mandrake-release root.adm 644 +/etc/modules.conf root.adm 640 +/etc/motd root.adm 644 +/etc/printcap root.lp 640 +/etc/profile.d/* root.root 755 +/etc/rc.d/ root.adm 755 +/etc/rc.d/init.d/ root.adm 755 +/etc/rc.d/init.d/* root.adm 744 +/etc/rc.d/init.d/functions root.adm 644 +/etc/rc.d/init.d/mandrake_consmap root.adm 644 +/etc/rc.d/init.d/xprint root.root 755 +/etc/securetty root.root 640 +/etc/sendmail.cf root.mail 640 +/etc/shutdown.allow root.adm 640 +/etc/ssh/ssh_config root.root 644 +/etc/ssh/ssh_host_*key root.adm 600 +/etc/ssh/ssh_host_*key.pub root.adm 644 +/etc/ssh/sshd_config root.adm 640 +/etc/sysconfig root.adm 755 +/etc/syslog.conf root.adm 640 +/etc/updatedb.conf root.adm 644 +/home/ root.adm 751 +/home/* current.current 751 +/lib/ root.adm 755 +/mnt/ root.adm 750 +/proc root.adm 555 +/root/ root.root 700 +/sbin/ root.adm 751 +/tmp/ root.adm 1773 +/usr/ root.adm 755 +/usr/* root.adm 755 +/usr/bin/ root.adm 755 +/usr/bin/cc root.ctools 750 +/usr/bin/finger root.ntools 750 +/usr/bin/g++* root.ctools 750 +/usr/bin/gcc* root.ctools 750 +/usr/bin/ssh root.ntools 750 +/usr/bin/telnet root.ntools 750 +/usr/bin/w root.ntools 750 +/usr/bin/who root.ntools 750 +/usr/lib/rpm/rpm? rpm.rpm 750 +/usr/sbin/ root.adm 751 +/usr/sbin/sendmail.postfix root.root 711 +/usr/sbin/sendmail.sendmail root.mail 2711 +/usr/sbin/traceroute root.ntools 4750 +/usr/share/doc root.root 755 +/usr/share/man root.root 755 +/usr/tmp root.adm 1773 +/var/ root.root 755 +/var/lib/rpm/Packages rpm.rpm 640 +/var/lock/subsys root.adm 750 +/var/log/ root.adm 751 +/var/log/* root.root 640 +/var/log/Xorg.0.log current.current current +/var/log/lp-errs lp.lp 600 +/var/log/*/* current.current 600 +/var/log/*/*/* current.current 600 +/var/log/*/. current.current 700 +/var/log/intraline/. current.current 750 +/var/log/mailman/ root.mail 2770 +/var/log/mailman/* root.mail 660 +/var/spool/mail/ root.mail 771 +/var/tmp root.adm 1773 -- cgit v1.2.1