aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rwxr-xr-xinit-sh/custom.sh25
-rw-r--r--msec.spec3
-rw-r--r--src/msec_find/find.c2
4 files changed, 21 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index eaafff4..dfcaa1a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,8 @@
* Added msec_find utility, written by Thierry Vignaud
which will avoid us to find / 5 times :)
* Heavilly modified msec_find.
+ * custom.sh : check if libsafe is installed before asking
+ if the user want to use it.
2000-03-07 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* Added support for libsafe stack overflow protection in level 4 / 5 /
diff --git a/init-sh/custom.sh b/init-sh/custom.sh
index 9d46bd1..253d9d9 100755
--- a/init-sh/custom.sh
+++ b/init-sh/custom.sh
@@ -5,7 +5,6 @@
# Writen by Vandoorselaere Yoann <yoann@mandrakesoft.com>
#
-
if [[ -f /usr/share/msec/lib.sh ]]; then
. /usr/share/msec/lib.sh
else
@@ -15,6 +14,8 @@ fi
clear
+WRITE_CRON="false"
+
###
echo "Do you want all system events to be logged on tty12 ?"
WaitAnswer; clear
@@ -62,6 +63,8 @@ if [[ ${answer} == yes ]]; then
AddRules "tty6" /etc/securetty
fi
###
+
+if [[ -f /usr/lib/libsafe.so.1.2 ]]; then
echo "Do you want to enable the libsafe stack overflow protection ?"
echo "This stack overflow protection work by catching dangerous function call"
echo "like strcpy, strcat, getwd, gets, [vf]scanf, realpath, [v]sprintf"
@@ -72,13 +75,14 @@ WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile
fi
+fi
###
echo "Do you want your system to daily check important security problem ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -86,7 +90,7 @@ echo "Do you want your system to daily check new open port listening ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_OPEN_PORT=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -94,7 +98,7 @@ echo "Do you want your system to check for grave permission problem on sensibles
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -102,7 +106,7 @@ echo "Do you want your system to daily check SUID Root file change ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -110,7 +114,7 @@ echo "Do you want your system to daily check suid files md5 checksum changes ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_MD5=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -118,7 +122,7 @@ echo "Do you want your system to daily check SUID Group file change ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_GROUP=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -126,7 +130,7 @@ echo "Do you want your system to daily check Writeable file change ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -134,7 +138,7 @@ echo "Do you want your system to daily check Unowned file change ?"
WaitAnswer; clear
if [[ ${answer} == yes ]]; then
AddRules "CHECK_UNOWNED=yes" /etc/security/msec/security.conf
- AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+ WRITE_CRON="true"
fi
###
@@ -174,6 +178,9 @@ else
fi
###
+if [[ ${WRITE_CRON} == "true" ]]; then
+ AddRules "0 0-23 * * * root nice --adjustment=+19 /usr/share/msec/security.sh" /etc/crontab
+fi
LiloUpdate;
/sbin/lilo >& /dev/null
diff --git a/msec.spec b/msec.spec
index c9a662d..d2cb984 100644
--- a/msec.spec
+++ b/msec.spec
@@ -1,6 +1,6 @@
# do not modify Version below, modify it in Makefile (see CVS)
%define version 0.10
-%define release 1mdk
+%define release 2mdk
Summary: Security Level & Program for the Linux Mandrake distribution
Name: msec
@@ -50,6 +50,7 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Tue Mar 08 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 0.10-1mdk
+- custom.sh : check if libsafe is installed before asking if the user want to use it.
- Heavily modified msec_find.
- Added msec_find utility, written by Thierry Vignaud which will avoid us to
find / 5 times :)
diff --git a/src/msec_find/find.c b/src/msec_find/find.c
index 65e8c73..274e8ff 100644
--- a/src/msec_find/find.c
+++ b/src/msec_find/find.c
@@ -193,7 +193,7 @@ int main(int argc, char **argv)
* /mnt/cdrom/ is the mounted directory.
* Hopefully, find has the same "bug"
*/
-
+
ctrl = 1;
directory = ( char * ) malloc((strlen(argv[i]) + 1));
if ( ! directory ) {