Commit Graph

23 Commits

Author SHA1 Message Date
lukem d0b6172bfe Also check /etc/profile for setting of umask.
From Chris Jones <cjones@rupert.oscs.montana.edu> in [misc/3763]
1997-06-23 11:59:30 +00:00
lukem b07aea8e1c Ignore blank lines and comments in /etc/exports
From Jaromir Dolecek <dolecek@moria.ics.muni.cz> in [misc/3691]
1997-06-23 01:49:15 +00:00
mycroft d8dcc6580c Don't list directories with the setuid bit set or FIFOs. 1997-04-21 17:38:39 +00:00
mycroft df1a64b9f5 Minor cleanup. 1997-04-21 11:19:57 +00:00
mycroft 4a0848acd9 When doing security checks in user home directory, sort by home directory, to
optimize lookups a little.
Also, add some more files to the naughty lists.
1997-04-21 11:14:41 +00:00
mikel cae2f3b253 make /etc/aliases check a bit more discriminating: the line must be
uncommented, and it must contain a '|' character (forwarding to program).
1997-04-17 07:42:07 +00:00
mycroft 814cb67087 Minor cleanup. 1997-03-10 09:45:58 +00:00
mikel 5b5eddafe2 Don't leave logs in /etc/mtree; from Andrew Wheadon in PR misc/3106.
Also fixed some comments.
1997-02-14 08:52:05 +00:00
mrg a9efb63860 add configuration file for security, as security.conf.
the file allows each action taken by security to be
turned on or off.
1997-01-05 11:46:12 +00:00
mrg 2bc04b57a8 ignore setgid on dirs. 1996-05-22 00:51:08 +00:00
pk 1377ee0906 Several fixes from Arne H. Juul (PR#1814). 1996-01-14 00:58:25 +00:00
thorpej 0763a85671 New-style RCS ids. 1995-12-17 02:01:10 +00:00
jtc 62b86c41b9 Change .emacsrc to .emacs in list of files to be checked.
From Mike Long, in PR #768.
1995-01-31 16:09:45 +00:00
mycroft 3df08b7f25 Fix the fstype-based pruning algorithms. Partly suggested by John Kohl. 1994-10-18 16:52:56 +00:00
cgd 91778fe0ca update to new security script 1994-06-15 04:28:06 +00:00
cgd 7e3b99ee2b people importing trees from SunOS should be shot; add -d to ls. 1994-01-15 18:32:06 +00:00
mycroft cb4c5af110 Find only set[gu]id files and devices, like old ncheck(1). 1993-12-15 07:07:36 +00:00
cgd 2d1f5986f3 use of xargs wasn't strictly a security hole, but could lead to fouled-
up results.  xargs should really have an option to automatically
'quote' input.
1993-10-27 16:59:13 +00:00
mycroft 8b6b8bad1e Use xargs(1) to avoid overflowing the argument list to ls(1). 1993-10-27 09:54:31 +00:00
cgd 8379ac2852 from FreeBSD: check for set*id devices in a way closer to the original.
note that you can still overflow the args buffer for the ls (and it does
that on lamp), but it's better than before.
1993-10-26 01:38:57 +00:00
mycroft 74ccbe814f Rewrite set[gu]id find command to avoid walking non-local file systems. 1993-10-19 06:13:08 +00:00
cgd 1c2ae9dcc3 updated to reflect the fact that we don't have an ncheck 1993-04-02 08:00:48 +00:00
cgd 61f282557f initial import of 386bsd-0.1 sources 1993-03-21 09:45:37 +00:00