diff options
| author | Eugeni Dodonov <eugeni@mandriva.org> | 2009-06-26 19:19:56 +0000 |
|---|---|---|
| committer | Eugeni Dodonov <eugeni@mandriva.org> | 2009-06-26 19:19:56 +0000 |
| commit | 3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2 (patch) | |
| tree | 14d937a6fe4a1da9e6e824fb41b13b1c2b5f513e /src | |
| parent | e0fb064bf52c9e18009573e900beb93b478fb2bb (diff) | |
| download | msec-3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2.tar msec-3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2.tar.gz msec-3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2.tar.bz2 msec-3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2.tar.xz msec-3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2.zip | |
Added support for CHECK_USERS and CHECK_GROUPS.
Diffstat (limited to 'src')
| -rw-r--r-- | src/msec/config.py | 3 | ||||
| -rwxr-xr-x | src/msec/libmsec.py | 8 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/msec/config.py b/src/msec/config.py index 5646fb7..29bcedb 100644 --- a/src/msec/config.py +++ b/src/msec/config.py @@ -69,6 +69,8 @@ SETTINGS = {'BASE_LEVEL': ("libmsec.base_level", 'CHECK_CHKROOTKIT' : ("libmsec.check_chkrootkit", ['yes', 'no']), 'CHECK_RPM' : ("libmsec.check_rpm", ['yes', 'no']), 'CHECK_SHOSTS' : ("libmsec.check_shosts", ['yes', 'no']), + 'CHECK_USERS' : ("libmsec.check_users", ['yes', 'no']), + 'CHECK_GROUPS' : ("libmsec.check_groups", ['yes', 'no']), # notifications 'TTY_WARN' : ("libmsec.tty_warn", ['yes', 'no']), 'MAIL_WARN' : ("libmsec.mail_warn", ['yes', 'no']), @@ -128,6 +130,7 @@ SETTINGS_NETWORK = ["ACCEPT_BOGUS_ERROR_RESPONSES", "ACCEPT_BROADCASTED_ICMP_ECH SETTINGS_PERIODIC = ["CHECK_PERMS", "CHECK_USER_FILES", "CHECK_SUID_ROOT", "CHECK_SUID_MD5", "CHECK_SGID", "CHECK_WRITABLE", "CHECK_UNOWNED", "FIX_UNOWNED", "CHECK_PROMISC", "CHECK_OPEN_PORT", "CHECK_FIREWALL", "CHECK_PASSWD", "CHECK_SHADOW", "CHECK_CHKROOTKIT", "CHECK_RPM", "CHECK_SHOSTS", + "CHECK_USERS", "CHECK_GROUPS", "TTY_WARN", "SYSLOG_WARN", "MAIL_EMPTY_CONTENT", ] diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py index 4f520ae..c22a8a6 100755 --- a/src/msec/libmsec.py +++ b/src/msec/libmsec.py @@ -1484,6 +1484,14 @@ class MSEC: """ Enable checking for dangerous options in users' .rhosts/.shosts files.""" pass + def check_users(self, param): + """ Enable checking for changes in system users.""" + pass + + def check_groups(self, param): + """ Enable checking for changes in system groups.""" + pass + def enable_sudo(self, param): """Allow users to authenticate with their passwords for sudo. If this parameter is set to 'wheel', users must belong to the 'wheel' group to be able to use sudo""" pass |