summaryrefslogtreecommitdiffstats
path: root/perl-install/security/msec.pm
Commit message (Collapse)AuthorAgeFilesLines
* (get_function_value) fix getting value when it's 0 (#14364)Thierry Vignaud2005-03-081-1/+1
|
* use difference2() as suggested by new perl_checker warningPascal Rigaux2004-08-121-1/+1
|
* cleanupPascal Rigaux2004-08-121-3/+2
|
* perl_checker compliancePascal Rigaux2004-08-121-1/+1
|
* sync with msec-0.44Thierry Vignaud2004-07-301-1/+1
|
* (apply_checks) reindentThierry Vignaud2004-02-101-7/+7
|
* (apply_checks) fix unable to save checks when config file is emptyThierry Vignaud2004-02-101-10/+8
| | | | | (aka substInFile does not support using print in that case)
* fix draksec not saving options when config file do not exists :-(Thierry Vignaud2004-02-061-0/+2
|
* fix parsing of default values for multi argument msec functionsThierry Vignaud2004-01-291-1/+1
|
* fix #6103:Thierry Vignaud2003-10-081-3/+8
| | | | | | | | | - workaround buggy msec not listing MAIL_USER in its defaults whereas it does list MAIL_WARN - while keeping "prevent including MAIL_* in check list" behavior, we still have to load them in order to be able to save them back
* perl_checker compliancePascal Rigaux2003-08-111-1/+1
|
* sort functions & checks when writing configurationThierry Vignaud2003-07-191-2/+2
|
* perl_checker fixesThierry Vignaud2003-05-231-3/+3
|
* - fix #3616 (draksec discarding changes)Thierry Vignaud2003-05-201-2/+2
| | | | | - add a end of line btw at the end of file to please cat
* new data structure enables to do further cleanups and to spot old bugs (akaThierry Vignaud2003-02-051-46/+35
| | | | | | | | | | | | | | | | | security::msec is readable at last): - put all file names & separators for regexps in the object - (load_defaults, load_values) thus we can use indirect call to get right values - (load_values) fix "returning 'undef' option" (this trival bug did not have any side effect but fixing it is cleaner - kill debugging statements - generalize some comments - (reload) introduce this method so that we can later reload default values when the user change the security level the only bug we left is that on each saving, we add a empty line to config files...
* perl_checker fixThierry Vignaud2003-02-041-1/+0
|
* - fix get_check_default() and get_function_default() descriptionThierry Vignaud2003-02-041-56/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - fix "check states were not saved if their value did not change (thus reverting it to default on disk)" - fix emebedding (no transcience when embedded) - fix "value get chop()-ed until it disapear and is reset to default" - log which security level is set and not only the switch killing latest remanent parts of christian "yeah baby, i'm piggy" work: - functions and checks listing : o rename get_functions() as list_functions() and get_default_checks() as list_checks(); this is both more homogenous and enable one to separate them from the get_(check|function)_(value|default) function group o regroup them o over simplify list_functions(): leave functions listing to msec (aka /usr/share/msec/level.<LEVEL>, assuming share/msec.py is always up to date, just don't care reparsing python code (this is plain stupid); if we cannot rely on msec, on who could we :-) ? o this allow to simplify msec gui so that we do not exclude stuff already excluded - remove config_check(), config_funtion(): replace them by: o set_check() and set_function() to store new values in data structure o apply_checks() and apply_functions() to save these new values, thus writing config files once and not twice the functions & checks count
* - consolidate file namesThierry Vignaud2003-02-031-75/+87
| | | | | | | | | | | | | | - remove unused variables - rename get_(default|value as load_(default|value)s and alter them so that config file are read only one time instead of one per option; data is stocked in package variable - thus get_default_checks() is quite a lot faster - alter get_(check|function)_(value|default) to use new data structure - fix check default reading - group default values reading and current values reading what's left: do the same thing for writing tomorow
* - fix obvious pixel typo (s/if/if_/)Mystery Man 5802002-12-041-61/+7
| | | | | | | - no need to maintain dummy documentation about something which is called only in one place - simplify
* fix typoPascal Rigaux2002-12-031-1/+1
|
* simplify (esp. use cat_)Pascal Rigaux2002-12-031-20/+2
|
* (get_value): cleanupPascal Rigaux2002-12-031-34/+20
|
* simplifyThierry Vignaud2002-11-201-1/+1
|
* cleanupsThierry Vignaud2002-11-201-3/+2
|
* - fix duplication of sec level setting:Thierry Vignaud2002-11-191-33/+5
| | | | | | | | | | | | | merge any::get_secure_level() with secure::msec::get_secure_level() - move security level functions from secure::msec to secure::level - uses secure::level in install_steps - fix duplication of security level labels - draksec: use same strings in drakx, got nice translations - get_default_checks(): make it more readable
* previous example in perldoc was buggy;Thierry Vignaud2002-11-191-14/+21
| | | | | put one that really works
* update copyright yearsThierry Vignaud2002-11-181-1/+1
|
* - perl_checker fixesThierry Vignaud2002-11-141-17/+19
| | | | | | - clean code - simplify config_function()
* - replace ... =~ 'foo' with ... =~ /foo/Pascal Rigaux2002-11-111-2/+2
| | | | | - remove unneeded parentheses for things like ... if (...)
* add or remove spaces where need to please perl_checkerPascal Rigaux2002-11-111-1/+2
|
* - use "foreach" instead of "for" in list contextPascal Rigaux2002-11-111-2/+2
| | | | | - use "for" instead of "foreach" when used a la C
* various small syntax enhancements to please perl_checkerPascal Rigaux2002-11-111-2/+2
|
* ignore_list is uselessThierry Vignaud2002-09-241-2/+1
|
* - factorize @sec_levels and %sec_levels for get_default() andThierry Vignaud2002-09-181-9/+7
| | | | | | | | get_seclevel_list() - use them in get_default() - get_value() : don't assume a space between "function_name" and "(parameters)"
* remove brackets on function values loadingThierry Vignaud2002-09-181-4/+8
|
* respect msec syntaxThierry Vignaud2002-09-181-1/+1
|
* "kill quart of draksec code" patch aka make it really working aka "happy fred" :Thierry Vignaud2002-09-181-51/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - security::msec : o consolidate get_function_value() and get_value into get_value() o really apply changes, aka save them : * config_check() : use substInFile and setVarsInSh * config_function() : use substInFile and append_to_file * kill stupid and bogus config_option() o don't overwrite previous changes, aka reread them : * fix checks and functions current value loading * fix checks and functions default loading - security::main : o simplify ui creation, make it more readable o kill offuscating basic_secadmin_check(), basic_secadmin_entry(), network_generate_page(), system_generate_page() and checks_generate_page() o increase default height because of stupid "add_with_viewport" in ugtk::createScrolledWindow o consolidate network and system functions managment, they're all the same for msec, splitting is only a draksec "feature"; all go in %options_values - draksec : o let standalone module configure standalone mode o security::main already take care of initializing gtk o security::main already take care of exiting o don't play with embedded mode special variables it overall looks better but big cleanups're still possible for mdk9.1
* - security::msec :Thierry Vignaud2002-09-171-18/+16
| | | | | | | | | | | | | | | | | | | | | o config_check: use MDK::Common to set option rather than overwriting config file o remove all stupid prefix that just ofuscate code whereas it's always set to '', $::prefix will be a lot better o s/shift @_/shift/ o kill config_option() o simplify get_default() o get_secure_level() : replace if cascade by an array o set_secure_level() : * replace if cascade by an hash * default to runlevel 3 if undefined o get_functions() : simplify by merging code paths - security::main : o security::libsafe is unneeded o don't pass useless prefix o begin to read default values
* - msec::config_check: use MDK::Common to set option ratherThierry Vignaud2002-09-171-110/+67
| | | | | | | | than overwriting config file - remove all stupid prefix that just ofuscate code whereas it's always set to '', $::prefix will be a lot better
* - security::main: kill duplicated 'use strict'Thierry Vignaud2002-09-171-1/+1
| | | | | | | | | | - no ignore choice for periodic checks - save functions in /etc/security/msec/level.local and not security.conf - "from mseclib import" is useless - fix functions saving (an object method invocation takes class name as argument)
* remove libsafe option (not anymore used by msec)Thierry Vignaud2002-09-171-1/+1
|
* - draksec window title is draksec, not "draksec - basic options" since it offerThierry Vignaud2002-09-121-0/+3
| | | | | | advanced options too now - mark some strings to be translated (mainly notebook pages titles)
* inline seclevel_explain (why using functions to return a text label ?)Thierry Vignaud2002-09-101-20/+0
|
* move back draksec's files in drakxtoolsThierry Vignaud2002-09-101-0/+356
|
* - draksec is in his own package nowChristian Belisle2002-08-191-283/+0
|
* - Fix page change between checks -> advancedChristian Belisle2002-07-311-1/+2
|
* - Factorize options-related functionsChristian Belisle2002-07-311-26/+103
| | | | | | - s/choose_options/choose_functions - Added security checks page
* - put the basic button on top (in the advanced page)Christian Belisle2002-07-311-3/+4
| | | | | - move set_server_link in the ignore list temporary
* - complete re-writeChristian Belisle2002-07-301-23/+136
|
* - fix typo: s/%%options;/%%options/Daouda Lo2002-07-231-1/+1
|