aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh/level1.sh
diff options
context:
space:
mode:
authorYoann Vandoorselaere <yoann@mandriva.com>1999-11-29 14:18:57 +0000
committerYoann Vandoorselaere <yoann@mandriva.com>1999-11-29 14:18:57 +0000
commitd78302ebe04bdbb0bb4f9479708bf85d96cbefef (patch)
tree609f45e5d9eb7e8561c9210bffffdab3d60320ad /init-sh/level1.sh
parent9083d35d35565f571883275dbf3fd77f4ff05f6d (diff)
downloadmsec-d78302ebe04bdbb0bb4f9479708bf85d96cbefef.tar
msec-d78302ebe04bdbb0bb4f9479708bf85d96cbefef.tar.gz
msec-d78302ebe04bdbb0bb4f9479708bf85d96cbefef.tar.bz2
msec-d78302ebe04bdbb0bb4f9479708bf85d96cbefef.tar.xz
msec-d78302ebe04bdbb0bb4f9479708bf85d96cbefef.zip
Uhh custom security will always be a good idea.
Diffstat (limited to 'init-sh/level1.sh')
-rwxr-xr-xinit-sh/level1.sh52
1 files changed, 33 insertions, 19 deletions
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 3d5d300..b54b85b 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -12,30 +12,44 @@ else
fi
# login as root on console granted...
-AddRules "tty1" /etc/securetty
-AddRules "tty2" /etc/securetty
-AddRules "tty3" /etc/securetty
-AddRules "tty4" /etc/securetty
-AddRules "tty5" /etc/securetty
+echo "Login as root is granted :"
+AddRules "tty1" /etc/securetty quiet
+AddRules "tty2" /etc/securetty quiet
+AddRules "tty3" /etc/securetty quiet
+AddRules "tty4" /etc/securetty quiet
+AddRules "tty5" /etc/securetty quiet
AddRules "tty6" /etc/securetty
# Suid Check
-AddRules "CHECK_SUID=no" /etc/security/msec/security.conf
-AddRules "CHECK_PROMISC=no" /etc/security/msec/security.conf
-AddRules "TTY_WARN=no" /etc/security/msec/security.conf
+echo "Updating file check variable :"
+echo -e "\t- Check suid root file : no."
+AddRules "CHECK_SUID_ROOT=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check suid goup file : no."
+AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check world writable file : no."
+AddRules "CHECK_WRITABLE=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check unowned file : no."
+AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Check promiscuous mode : no."
+AddRules "CHECK_PROMISC=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning on tty : no."
+AddRules "TTY_WARN=no" /etc/security/msec/security.conf quiet
+echo -e "\t- Security warning in syslog : yes."
AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf
-# umask
-AddRules "umask 022" /etc/profile
-AddRules "SECURE_LEVEL=1" /etc/profile
-# Group
-usermod -G audio "${USERNAME}"
-
-# For X auth :
-xhost + localhost 2>&1 >& /dev/null
-
# lilo update
-lilo
+echo -n "Running lilo to record new config : "
+/sbin/lilo >& /dev/null
+echo -e "done.\n"
-# Path
+# /etc/profile
+echo "Setting secure level variable to 1 :"
+AddRules "SECURE_LEVEL=1" /etc/profile
+echo "Setting umask to 002 (user = rw, group = rw, o = r) :"
+AddRules "umask 002" /etc/profile
+echo "Adding \"non secure\" PATH variable :"
AddRules "PATH=\$PATH:/usr/X11R6/bin:." /etc/profile
+
+# Group
+echo "Adding \"${USERNAME} to audio group :"
+usermod -G audio "${USERNAME}"