LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-26-2003, 05:28 PM   #1
raybcher
LQ Newbie
 
Registered: Aug 2003
Location: Fredericton NB
Posts: 4

Rep: Reputation: 0
Question Paranoid security


Good Day!
New guy here and first post... hope no rules broken.

Installed Linux (Mandrake 9) with paranoid security.
Good stuff but sometimes anoying...
One of the features resets ownership of all files within /var/log to root with permissions "600" read write by owner only.
This appears to be done via cron using "msec".

Does anyone know how to bypass this feature for a given subdirectory?
I searched for config files but could not find an include/exclude list on anything that looke like it. The responsible code appears written in Python and I'm unfamiliar with it.

I'd also be interested in finding decent documentation on this subject.

Later...

Rayb
 
Old 08-27-2003, 01:19 AM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
msec is really nice, but it can be maddening at times(stupid promiscuous mode checks filling the log every minute, arrrg!).

The files are in /usr/share/msec (or was it /usr/share/lib/msec?). I can't remember the exact file that holds the file permission settings, but it's in there. Try # cd /usr/share/msec ; grep "/var/log" *

By the way, /var/log really shouldn't be readable by anyone other than root. Use sudo to view logs as a non-root user.
 
Old 08-28-2003, 05:44 PM   #3
tobyl
Member
 
Registered: Apr 2003
Location: uk
Distribution: slackware current
Posts: 757

Rep: Reputation: 53
raybcher, this is some stuff I saved from when I had msec installed
hope its not out of date...

Customizing msec With Overrides
To override any of these defaults, you will need to create the file /etc/security/msec/level.local with your overrides.
To have a better idea of the different commands you can use in the level.local file, read the mseclib manpage (man mseclib). It describes all of the functions you can set in the file and what each function is for.
 
Old 08-29-2003, 08:54 AM   #4
raybcher
LQ Newbie
 
Registered: Aug 2003
Location: Fredericton NB
Posts: 4

Original Poster
Rep: Reputation: 0
Thanks

I specially like the override functionality instead of modifying the package source.

I'll have to check my MANPATH...

Take care.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Paranoid Data Security!! elliotfuller Linux - Networking 3 08-26-2005 01:46 AM
What's a good distro if I'm really paranoid about security/viruses? Mr. Hill Linux - Newbie 12 02-23-2005 11:59 PM
Have I been hacked or am I just being paranoid? Kyral Retsam Linux - Security 8 07-15-2004 09:02 PM
PARANOID, Have I been hacked? statmobile Linux - Security 5 04-23-2004 04:18 AM
Maxiumum (paranoid) security LGMike Mandriva 3 09-25-2003 01:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration