From 3f7ae64cbfde0c479bcfd1f96b2e2f9e49d69cb2 Mon Sep 17 00:00:00 2001 From: Eugeni Dodonov Date: Fri, 26 Jun 2009 19:19:56 +0000 Subject: Added support for CHECK_USERS and CHECK_GROUPS. --- src/msec/config.py | 3 +++ src/msec/libmsec.py | 8 ++++++++ 2 files changed, 11 insertions(+) (limited to 'src') diff --git a/src/msec/config.py b/src/msec/config.py index 5646fb7..29bcedb 100644 --- a/src/msec/config.py +++ b/src/msec/config.py @@ -69,6 +69,8 @@ SETTINGS = {'BASE_LEVEL': ("libmsec.base_level", 'CHECK_CHKROOTKIT' : ("libmsec.check_chkrootkit", ['yes', 'no']), 'CHECK_RPM' : ("libmsec.check_rpm", ['yes', 'no']), 'CHECK_SHOSTS' : ("libmsec.check_shosts", ['yes', 'no']), + 'CHECK_USERS' : ("libmsec.check_users", ['yes', 'no']), + 'CHECK_GROUPS' : ("libmsec.check_groups", ['yes', 'no']), # notifications 'TTY_WARN' : ("libmsec.tty_warn", ['yes', 'no']), 'MAIL_WARN' : ("libmsec.mail_warn", ['yes', 'no']), @@ -128,6 +130,7 @@ SETTINGS_NETWORK = ["ACCEPT_BOGUS_ERROR_RESPONSES", "ACCEPT_BROADCASTED_ICMP_ECH SETTINGS_PERIODIC = ["CHECK_PERMS", "CHECK_USER_FILES", "CHECK_SUID_ROOT", "CHECK_SUID_MD5", "CHECK_SGID", "CHECK_WRITABLE", "CHECK_UNOWNED", "FIX_UNOWNED", "CHECK_PROMISC", "CHECK_OPEN_PORT", "CHECK_FIREWALL", "CHECK_PASSWD", "CHECK_SHADOW", "CHECK_CHKROOTKIT", "CHECK_RPM", "CHECK_SHOSTS", + "CHECK_USERS", "CHECK_GROUPS", "TTY_WARN", "SYSLOG_WARN", "MAIL_EMPTY_CONTENT", ] diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py index 4f520ae..c22a8a6 100755 --- a/src/msec/libmsec.py +++ b/src/msec/libmsec.py @@ -1484,6 +1484,14 @@ class MSEC: """ Enable checking for dangerous options in users' .rhosts/.shosts files.""" pass + def check_users(self, param): + """ Enable checking for changes in system users.""" + pass + + def check_groups(self, param): + """ Enable checking for changes in system groups.""" + pass + def enable_sudo(self, param): """Allow users to authenticate with their passwords for sudo. If this parameter is set to 'wheel', users must belong to the 'wheel' group to be able to use sudo""" pass -- cgit v1.2.1