Commit Graph

62 Commits

Author SHA1 Message Date
atatat
9202500182 Add a chunk of code to check the installed pkgs list by making a list
of all installed pkgs and their +CONTENTS and +REQUIRED_BY files (if
they have one) and handling this file along with all the other
CHANGELIST stuff.

Greg Woods gets points for coming up with the idea.

Luke Mewburn asked me to do it, and provided lots of criticism along
the way.
2001-10-01 02:21:20 +00:00
lukem
5a212acf6e remove acd (non existant), add ld (for hw raid logical drives) 2001-09-24 03:19:43 +00:00
perry
5f93a646a5 add raid, remove cd drives and floppy drives from the nightly disk
permissions checks.

note: This whole thing needs to be rototilled. And yes, I'm
volunteering to do it.
2001-09-23 19:51:20 +00:00
perry
247041e342 Update the password sanity checking thusly:
1) If a password entry is of the form \*[A-z-]+, do not complain that
   the account is off but has a valid password. Thus you can do
   passwords like *ssh to indicate ssh only logins.
   We should come up with a standard scheme for what various *keywords mean.
   Note that if the field length is 13, 20 or 34 you'll still get
   bitched at.
   This code should be cleaned up. (So should the password scheme.)
2) If the entry is for "toor", don't complain that the account is off
   but has a valid shell. We ship with toor:*:, there is no point in
   complaining about it.

Part of the campaign against spurious security warning output.
2001-09-23 19:10:25 +00:00
perry
215d097e45 run mtree on the special file using the new -l option, so it will not
complain about things like files set 444 instead of 644.

part of the campaign against spurious output in the nightly security run.
2001-09-22 04:06:23 +00:00
simonb
e60403a3f9 Remove rz/tz support for pmax, switch to MI SCSI. 2001-08-26 11:55:38 +00:00
lukem
684e89f355 use mktemp(1) to create temporary directories, and ensure that cleanup traps
are setup asap.
2001-06-18 10:54:02 +00:00
lukem
bd7fad6c47 use symbolic signal names instead of numbers 2001-06-14 07:50:06 +00:00
atatat
6534ee3cfb When backing files listed in /etc/changelist, instead of truncating
to the basename of the file, use the whole path with $backup_dir
prepended, in effect mirrorring the directory tree.  This eliminates
the possibility of a name collision.

Closes pr bin/12727.
2001-05-10 14:19:27 +00:00
atatat
4e1cbd39fe Allow embedded hyphens in user names (and group names), just not as the
first or last character.
2001-05-10 14:10:15 +00:00
atatat
2811b1707a Provide the capability of storing backups via RCS instead of just a
"current" and a "last" (which is useless if you wanna know what you
changed last week).  Set the default to on.
2001-04-04 03:17:19 +00:00
hubertf
efc93d040b Run skeyaudit (only) from /etc/daily instead of /etc/security, else there's
some risk that the users don't get warned if an admin turns off running
/etc/security (by putting run_security=no into daily.conf).

Fixes PR 12267.
2001-03-15 02:23:47 +00:00
atatat
a99a7deee1 Allow md5 passwords of length 34 as passwords 2001-03-12 16:48:13 +00:00
jdolecek
4ceebb1156 Introduce max_grouplen - this determines the maximum permitted length
of group names, similarily to max_loginlen
2001-02-11 09:55:09 +00:00
abs
6258e0bf60 Add a new variable 'backup_dir', which can be used to change the backup
directory from /var/backup (useful for those of us who have a separate /var
and would like to have our backup disklabels on the root filesystem).
Default behaviour unchanged. backup_dir being unset is taken as /var/backup.
2001-01-09 17:30:29 +00:00
lukem
0c70e530af use ${foo##*/} instead of basename $foo. as suggested (with minor variation)
by Toru Nishimura <nisimura@itc.aist-nara.ac.jp>
2000-10-07 07:36:56 +00:00
christos
b4266bbcb7 PR/10982: kilbi@rad.rwth-aachen.de: Don't confuse printf with usernames
that start with -.
2000-09-10 21:27:50 +00:00
sommerfeld
9928e1fe95 Fix pr9320: improve umask checking for root's dotfiles.
Now even notices bogus umasks like 044
2000-07-02 22:27:47 +00:00
ad
fb3a33ff99 We may as well allow local additions to /etc/security, since it gets done
for the other periodic checks.
2000-05-26 17:08:21 +00:00
itojun
13c8f7a2df check /etc/mail/aliases on check_aliases.
/etc/aliases will be checked as well, if exists (for backward compatibility).
2000-05-05 18:28:53 +00:00
fair
065c791de8 Add skeyaudit to /etc/security (with a variable to disable) per PR 5871 2000-04-24 23:46:37 +00:00
christos
e597a72d0b Use cat -f to avoid denial of service attacks by people who make .rhosts
files fifos.
2000-01-15 01:15:12 +00:00
perry
4220708c27 We already had logic not to try to grab the disklabels of md's and
fd's -- add cd's to the list.
1999-09-05 15:11:42 +00:00
hubertf
8b10c79f68 Use standard variable "$0" for the whole line instead of the non-standard,
undocumented "$LINE".

Submitted in PR 7041 by Greg A. Woods <woods@weird.com>
1999-07-22 00:47:50 +00:00
kleink
357a0baaf8 Get rid of old-style chown operands. 1999-04-23 08:20:28 +00:00
wrstuden
ee6f8c2579 Add a commented-out duplicate id checker which doesn't exclude toor, and
add a comment saying how to switch it on.
1999-03-17 19:11:05 +00:00
wrstuden
d32be9a273 Modify duplicate user id check to exclude "toor". Any other uid 0
accounts will generate a message with that (those) account names, root, and
toor present in the list.
1999-03-17 02:58:11 +00:00
fair
7153b55a87 Fix PR 5068 - scanning ~user/.rhosts files on NFS mounted home
directories with -maproot=nobody on the server. The argument to be
made is that if NetBSD's root can't read these files, it shouldn't
try to check them.
1999-03-16 06:18:17 +00:00
abs
dade5b2993 Handle + in master.passwd (From PR#4802).
Also, handle + in group and allow max_loginlen to be configurable.
1999-02-18 18:53:32 +00:00
tv
850ab15c3b Nix "Login %s is off but still has a valid shell" warning for 20-character
encrypted passwords generated by the NEWSALT option to passwd(1).
1998-09-14 19:42:42 +00:00
lukem
3a3b03bdd7 * if $check_disklabels=YES, backup and compare of disklabels of current disks.
should detect added or removed disks as well. backup labels go in
  /var/backups/disklabel.XXX (XXX = disk name, e.g., sd0), and the
  changelist style backups have .current or .backup suffixes
* minor whitespace, formatting, and comment cleanup
1998-08-25 13:47:29 +00:00
lukem
8f59ce8e35 include rc.subr and use appropriately 1998-01-26 12:02:43 +00:00
mycroft
dae4e5df82 Deal with files in the changelist that are added or removed.
* When a file is removed, move its .current file to .backup.
* When a file is added, create its .current file.
* In either case, send a diff against /dev/null.
Mostly from Jim Bernard in PR 4183, with the removal case fixed.
1997-10-08 16:13:44 +00:00
lukem
90ec96df78 - use 'ftpd -C user' to check the format of /etc/ftpusers.
closes [security/4061]
- rename $MPPATH to $MPBYPATH, to clarify its use
1997-09-23 14:36:56 +00:00
lukem
f09b5e36c7 - don't print "Checking setuid files and devices:" if no problems
found (solves [security/4047])
- minor cleanup (rename a couple of variables, etc)
1997-09-18 05:16:19 +00:00
lukem
89fa41e9da - correct use of generated temporary files.
- clean up comments and generated output.
- clean up $SECUREDIR if SIGINT or SIGQUIT received.
- .rhosts may have to be world readable in NFS environments, so allow it to be.
- update list of disks to check for reasonable permissions
- don't show differences in /etc/master.passwd, as the encrypted strings may
  be sent. From reading comments earlier in the script, this was the intention
  anyway. Fix from Jim Bernard <jbernard@tater.mines.edu> in [security/3994].
- when checking /etc/ftpusers, skip comment lines and only match full
  usernames.
  XXX: this should be enhanced to check lines of the enhanced ftpusers format.
1997-08-22 09:40:17 +00:00
lukem
0f26a04544 * ensure that check for '.' in root's $PATH doesn't yield a false positive.
fix from Jim Bernard <jbernard@tater.mines.edu> in [security/3995]
* detect empty :: elements as '.' in a sh(1) path (leading :, trailing :,
  or ::)
1997-08-19 12:08:35 +00:00
lukem
fb34424eb0 * when checking /etc/master.passwd, read in /etc/shells for a list of
valid shells and then check each active account against that
* remove unnecessary ()s in a few printf's.
1997-06-24 02:32:38 +00:00
lukem
ff2ea5d139 * take advantage of xargs -0 when finding devices and set?id files
* use 'ls -q' in the above, so that characters that may cause problems
  in the output are replaced with '?'
1997-06-24 01:16:47 +00:00
lukem
d0b6172bfe Also check /etc/profile for setting of umask.
From Chris Jones <cjones@rupert.oscs.montana.edu> in [misc/3763]
1997-06-23 11:59:30 +00:00
lukem
b07aea8e1c Ignore blank lines and comments in /etc/exports
From Jaromir Dolecek <dolecek@moria.ics.muni.cz> in [misc/3691]
1997-06-23 01:49:15 +00:00
mycroft
d8dcc6580c Don't list directories with the setuid bit set or FIFOs. 1997-04-21 17:38:39 +00:00
mycroft
df1a64b9f5 Minor cleanup. 1997-04-21 11:19:57 +00:00
mycroft
4a0848acd9 When doing security checks in user home directory, sort by home directory, to
optimize lookups a little.
Also, add some more files to the naughty lists.
1997-04-21 11:14:41 +00:00
mikel
cae2f3b253 make /etc/aliases check a bit more discriminating: the line must be
uncommented, and it must contain a '|' character (forwarding to program).
1997-04-17 07:42:07 +00:00
mycroft
814cb67087 Minor cleanup. 1997-03-10 09:45:58 +00:00
mikel
5b5eddafe2 Don't leave logs in /etc/mtree; from Andrew Wheadon in PR misc/3106.
Also fixed some comments.
1997-02-14 08:52:05 +00:00
mrg
a9efb63860 add configuration file for security, as security.conf.
the file allows each action taken by security to be
turned on or off.
1997-01-05 11:46:12 +00:00
mrg
2bc04b57a8 ignore setgid on dirs. 1996-05-22 00:51:08 +00:00
pk
1377ee0906 Several fixes from Arne H. Juul (PR#1814). 1996-01-14 00:58:25 +00:00