diff options
-rwxr-xr-x | init-sh/custom.sh | 13 | ||||
-rwxr-xr-x | init-sh/level0.sh | 6 | ||||
-rwxr-xr-x | init-sh/level1.sh | 7 | ||||
-rwxr-xr-x | init-sh/level2.sh | 6 | ||||
-rwxr-xr-x | init-sh/level3.sh | 6 | ||||
-rwxr-xr-x | init-sh/level4.sh | 8 | ||||
-rwxr-xr-x | init-sh/level5.sh | 9 |
7 files changed, 51 insertions, 4 deletions
diff --git a/init-sh/custom.sh b/init-sh/custom.sh index 7cf7439..38f18cc 100755 --- a/init-sh/custom.sh +++ b/init-sh/custom.sh @@ -84,7 +84,8 @@ echo "this is done by searching in the stack frame the one which contain the" echo "destination address, and by substracting the frame address to the destination buffer one" WaitAnswer; clear if [[ ${answer} == yes ]]; then - AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/zprofile fi fi @@ -227,8 +228,10 @@ WaitAnswer; clear if [[ ${answer} == yes ]]; then export SECURE_LEVEL="4" AddRules "SECURE_LEVEL=\"4\"" /etc/profile + AddRules "SECURE_LEVEL=\"4\"" /etc/zprofile else AddRules "SECURE_LEVEL=\"3\"" /etc/profile + AddRules "SECURE_LEVEL=\"3\"" /etc/zprofile fi ### @@ -246,15 +249,19 @@ done case "${answer}" in "easy") AddRules "umask 002" /etc/profile + AddRules "umask 002" /etc/zprofile ;; "normal") AddRules "umask 022" /etc/profile + AddRules "umask 022" /etc/zprofile ;; "restricted") AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile + AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/zprofile ;; "paranoid") AddRules "umask 077" /etc/profile + AddRules "umask 077" /etc/zprofile ;; esac @@ -388,11 +395,15 @@ echo "However this is a *high* security risk." WaitAnswer; clear if [[ ${answer} == yes ]]; then AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet + AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet else AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet + AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet fi AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH SECURE_LEVEL" /etc/zprofile + diff --git a/init-sh/level0.sh b/init-sh/level0.sh index 00dc54c..b67bdd8 100755 --- a/init-sh/level0.sh +++ b/init-sh/level0.sh @@ -63,11 +63,17 @@ echo -e "done.\n" export SECURE_LEVEL=0 echo "Setting secure level variable to 0 :" AddRules "SECURE_LEVEL=0" /etc/profile +AddRules "SECURE_LEVEL=0" /etc/zprofile + echo "Setting umask to 002 (u=rw,g=rw,o=r) :" AddRules "umask 002" /etc/profile +AddRules "umask 002" /etc/zprofile + echo "Adding \"non secure\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile # Xserver echo "Allowing users to connect X server from everywhere :" diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 0c17880..3aa5b04 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -63,12 +63,17 @@ echo -e "done.\n" export SECURE_LEVEL=1 echo "Setting secure level variable to 1 :" AddRules "SECURE_LEVEL=1" /etc/profile +AddRules "SECURE_LEVEL=1" /etc/zprofile + echo "Setting umask to 002 (u=rw,g=rw,o=r) :" AddRules "umask 002" /etc/profile +AddRules "umask 002" /etc/zprofile + echo "Adding \"non secure\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile - +AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level2.sh b/init-sh/level2.sh index 9348529..5e11b9f 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -64,11 +64,17 @@ echo -e "done.\n" export SECURE_LEVEL=2 echo "Setting secure level variable to 2 :" AddRules "SECURE_LEVEL=2" /etc/profile +AddRules "SECURE_LEVEL=2" /etc/zprofile + echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile +AddRules "umask 022" /etc/zprofile + echo "Adding \"normal\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level3.sh b/init-sh/level3.sh index bf53c66..20cb713 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -71,11 +71,17 @@ echo -e "done.\n" export SECURE_LEVEL=3 echo "Setting secure level variable to 3 :" AddRules "SECURE_LEVEL=3" /etc/profile +AddRules "SECURE_LEVEL=3" /etc/zprofile + echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile +AddRules "umask 022" /etc/zprofile + echo "Adding a \"normal\" PATH variable : " AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile # Do not boot on a shell echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : " diff --git a/init-sh/level4.sh b/init-sh/level4.sh index f10fb54..ab72a2e 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -82,6 +82,8 @@ echo -e "done.\n" # Server update echo "Setting secure level variable to 4 :" AddRules "SECURE_LEVEL=4" /etc/profile +AddRules "SECURE_LEVEL=4" /etc/zprofile + export SECURE_LEVEL=4 IFS=" @@ -105,14 +107,18 @@ echo -e "done.\n"; # /etc/profile echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :" AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile +AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/zprofile echo "Adding \"normal\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile if [[ -f /usr/lib/libsafe.so.1.2 ]]; then echo "Enabling stack overflow protection :" - AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/zprofile fi # Do not boot on a shell diff --git a/init-sh/level5.sh b/init-sh/level5.sh index 0d9b58c..195b354 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -96,6 +96,8 @@ echo -e "done.\n" # Disable all server : echo "Setting secure level variable to 5 :" AddRules "SECURE_LEVEL=5" /etc/profile +AddRules "SECURE_LEVEL=5" /etc/zprofile + IFS=" " @@ -119,14 +121,19 @@ echo -e "done.\n"; # /etc/profile echo "Setting umask to 077 (u=rw) :" AddRules "umask 077" /etc/profile +AddRules "umask 077" /etc/zprofile echo "Adding \"normal\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/zprofile quiet +AddRules "export PATH SECURE_LEVEL" /etc/zprofile + if [[ -f /usr/lib/libsafe.so.1.2 ]]; then echo "Enabling stack overflow protection :" - AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.2" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/profile + AddRules "export LD_PRELOAD=/usr/lib/libsafe.so.1.3" /etc/zprofile fi # Do not boot on a shell |