From d78302ebe04bdbb0bb4f9479708bf85d96cbefef Mon Sep 17 00:00:00 2001
From: Yoann Vandoorselaere <yoann@mandriva.com>
Date: Mon, 29 Nov 1999 14:18:57 +0000
Subject: Uhh custom security will always be a good idea.

---
 init-sh/level1.sh | 52 +++++++++++++++++++++++++++++++++-------------------
 1 file changed, 33 insertions(+), 19 deletions(-)

(limited to 'init-sh/level1.sh')

diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 3d5d300..b54b85b 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -12,30 +12,44 @@ else
 fi
 
 # login as root on console granted...
-AddRules "tty1" /etc/securetty
-AddRules "tty2" /etc/securetty
-AddRules "tty3" /etc/securetty
-AddRules "tty4" /etc/securetty
-AddRules "tty5" /etc/securetty
+echo "Login as root is granted :"
+AddRules "tty1" /etc/securetty quiet
+AddRules "tty2" /etc/securetty quiet
+AddRules "tty3" /etc/securetty quiet
+AddRules "tty4" /etc/securetty quiet
+AddRules "tty5" /etc/securetty quiet
 AddRules "tty6" /etc/securetty
 
 # Suid Check
-AddRules "CHECK_SUID=no" /etc/security/msec/security.conf
-AddRules "CHECK_PROMISC=no" /etc/security/msec/security.conf
-AddRules "TTY_WARN=no" /etc/security/msec/security.conf
+echo "Updating file check variable :"
+echo -e "\t- Check suid root file : no."
+AddRules "CHECK_SUID_ROOT=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check suid goup file : no."
+AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check world writable file : no."
+AddRules "CHECK_WRITABLE=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check unowned file : no."
+AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check promiscuous mode : no."
+AddRules "CHECK_PROMISC=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning on tty : no."
+AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning in syslog : yes."
 AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
 
-# umask
-AddRules "umask 022" /etc/profile
-AddRules "SECURE_LEVEL=1" /etc/profile
-# Group
-usermod -G audio "${USERNAME}"
-
-# For X auth :
-xhost + localhost 2>&1 >& /dev/null
-
 # lilo update
-lilo
+echo -n "Running lilo to record new config : "
+/sbin/lilo >& /dev/null
+echo -e "done.\n"
 
-# Path
+# /etc/profile
+echo "Setting secure level variable to 1 :"
+AddRules "SECURE_LEVEL=1" /etc/profile
+echo "Setting umask to 002 (user = rw, group = rw, o = r) :"
+AddRules "umask 002" /etc/profile
+echo "Adding \"non secure\" PATH variable :"
 AddRules "PATH=\$PATH:/usr/X11R6/bin:." /etc/profile
+
+# Group
+echo "Adding \"${USERNAME} to audio group :"
+usermod -G audio "${USERNAME}"
-- 
cgit v1.2.1