[726] in linux-security and linux-alert archive
Re: [linux-security] uhh.. security?
daemon@ATHENA.MIT.EDU (Wietse Venema)
Sat May 11 12:43:53 1996
From: wietse@wzv.win.tue.nl (Wietse Venema)
To: ptrainor@aura.title14.com (Pat Trainor)
Date: Sat, 11 May 96 13:05:48 MET DST
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.91.960509192951.203G-100000@aura.title14.com>; from "Pat Trainor" at May 9, 96 7:32 pm
Pat Trainor wrote:
>
>
> What way can a sysadmin check all dirs for the proper (or close)
> permissions and symbolic links for an a> functional system, and b> a
> secure system?
The tiger program (ftp://net.tamu.edu/pub/security/TAMU/) does a very
thorough check of file permissions and ownerships. It is particularly
paranoid about anything in root's path, including pathnames embedded in
binaries, in config files, in cron jobs, and in scripts. It can generate
many MBs of output when run in full-blast mode.
Wietse
