1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
2000-02-17 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* level 4 - 5 /var/log in mode 711 for daemon spawned as non root user.
* /etc/printcap is 644 in mode 4 & 5
2000-01-13 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* custom.sh : ( thanks to Thomas Poindessous ) for pointing out that :
* s'/tmp\/msec.XXXXXX/\/tmp\/msec.XXXXXX/'
* fix two typo
2000-01-06 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* security.sh : find are niced to (+19)
* Camille updated the documentation.
* Removed the "spawn a shell on boot" feature of level0 cause of a tty
problem
2000-01-04 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* shutdown.allow is 600 in level 4/5; 644 else.
* updated doc/security.txt
* updated init-sh/custom.sh
2000-01-03 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* level 0-3 -> ctrl-alt-del allowed.
* level 4-5 -> ctrl-alt-del allowed for root.
1999-12-29 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* Removing grpuser manpage, because :
1 - grpuser is not to be used by user, ( and should not have a manpage ).
2 - manpage is obsolete
1999-12-28 Chmouel Boudjnah <chmouel@mandrakesoft.com>
* doc/*8: add man-pages from camille.
1999-12-24 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* level[35]: also do a mail report.
* moved Syslog(), Ttylog(), Maillog() to security.sh
* security_check.sh & diff_check.sh now sourced from security.sh
1999-12-22 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* init-sh/perm[15]: files should be constant in their content.
all entry should be in each perm file
1999-12-21 Pixel <pixel@mandrakesoft.com>
* init-sh/perm.4: changed /etc/lilo.conf to 600 to make lilo quiet
* init-sh/lib.sh (LiloUpdate): replace the -z ${LILO_PASSWORD} by
${LILO_PASSWORD+set} != set
* init-sh/lib.sh (LiloUpdate): replace the call to AddRules to
AddBegRules (password= must in the beginning of lilo.conf)
* init-sh/lib.sh (AddBegRules): 1 \n instead of 2
1999-12-20 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* We are ok.
1999-12-20 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* init-sh/perm.[05]: Oops, /var/spool/mail is 771 not 755.
1999-12-20 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* init-sh/perm.[15]: /var/spool/mail is 755
1999-12-19 Pixel <pixel@mandrakesoft.com>
* init-sh/lib.sh: removed the failsafe for not a tty stdin (not
efficient)
* init-sh/lib.sh: rewrote the perl script (now a one-liner :)
1999-12-19 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* Big cleanup.
* All work properly now.
1999-12-19 Pixel <pixel@mandrakesoft.com>
* msec.spec: modify to take into account the Makefile modifying
the .spec
* Makefile (VERSION): make it the same as the .spec
1999-12-18 Pixel <pixel@mandrakesoft.com>
* init-sh/lib.sh: added failsafe for not a tty stdin
1999-12-17 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* security_check.sh: Bugfix
* diff_check.sh: dito
* Added security.conf
1999-12-16 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* Don't use msec parsing routine to hack inittab.
* Indentation problem should be corrected
* All debug finished, changing secure.tmp to a mktemp
allocated tmpfile for symlink security.
1999-12-16 Chmouel Boudjnah <chmouel@mandrakesoft.com>
* msec.lyx: add new file from camille.
1999-12-15 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* grpuser.sh take only one opt ( --refresh ),
take group name from /etc/security/msec/group.conf
and add user from /etc/security/msec/user.conf if secure level > 2
* level0.sh fixed inittab entry
* fix a typo
* As requested, direct shell access for level 0
* Fixed a little problem with the DRAKX_USERS variable
* removed chattr +a because of the problem it can cause to
other system automated system task
1999-12-13 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* Documentation
* diff_check.sh : Fix a typo.
1999-12-10 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* custom.sh : Fix a typo & forgot to export path & secure level
1999-12-09 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* More bug fix.
* xhost + localhost for lower level, xhost + for level0.
* Many bugfix, just trying to get a bugfree release
* Renamed some variable, added consistencie.
* security_check.sh: print header at begining of the log.
* diff_check.sh: typo.
1999-12-08 Yoann Vandoorselaere <yoann@mandrakesoft.com>
* security_check.sh: remove /tmp stuff.
* security_check.sh: typo
* level[1-3].sh: Changed crontab call to file_check.sh
from every hour to every midnight ( bug reported by axalon ).
* file_check.sh: clean up.
* moved file_check.sh to diff_check.sh and changed
what is related to cron call in level[15].sh
* Added missing configurations question in level custom.
* bug fix.
1999-12-08 Chmouel Boudjnah <chmouel@mandrakesoft.com>
* Makefile (rpm): target for rpm.
(dis): Add a make dis to easy switch from cvs to dis.
* msec.spec: use bzip2 sources, clean up %install to use Makefile.
move msec.spec on the top to allow rpm -ta (in fact rpm -ta don't
support currently bzip2 sources)
* cron-sh/promisc_check.sh (LogPromisc): add a missing quote.
* ChangeLog: first entry.
1999-12-07 Axalon Bloodstone <axalon@linux-mandrake.com>
* Fix call to security_check.sh
* Handle usernames longer than 8 chars in file_check
|