Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 08-26-2003, 04:28 PM   #1
LQ Newbie
Registered: Aug 2003
Location: Fredericton NB
Posts: 4

Rep: Reputation: 0
Question Paranoid security

Good Day!
New guy here and first post... hope no rules broken.

Installed Linux (Mandrake 9) with paranoid security.
Good stuff but sometimes anoying...
One of the features resets ownership of all files within /var/log to root with permissions "600" read write by owner only.
This appears to be done via cron using "msec".

Does anyone know how to bypass this feature for a given subdirectory?
I searched for config files but could not find an include/exclude list on anything that looke like it. The responsible code appears written in Python and I'm unfamiliar with it.

I'd also be interested in finding decent documentation on this subject.


Old 08-27-2003, 12:19 AM   #2
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
msec is really nice, but it can be maddening at times(stupid promiscuous mode checks filling the log every minute, arrrg!).

The files are in /usr/share/msec (or was it /usr/share/lib/msec?). I can't remember the exact file that holds the file permission settings, but it's in there. Try # cd /usr/share/msec ; grep "/var/log" *

By the way, /var/log really shouldn't be readable by anyone other than root. Use sudo to view logs as a non-root user.
Old 08-28-2003, 04:44 PM   #3
Registered: Apr 2003
Location: uk
Distribution: slackware current
Posts: 761

Rep: Reputation: 54
raybcher, this is some stuff I saved from when I had msec installed
hope its not out of date...

Customizing msec With Overrides
To override any of these defaults, you will need to create the file /etc/security/msec/level.local with your overrides.
To have a better idea of the different commands you can use in the level.local file, read the mseclib manpage (man mseclib). It describes all of the functions you can set in the file and what each function is for.
Old 08-29-2003, 07:54 AM   #4
LQ Newbie
Registered: Aug 2003
Location: Fredericton NB
Posts: 4

Original Poster
Rep: Reputation: 0

I specially like the override functionality instead of modifying the package source.

I'll have to check my MANPATH...

Take care.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Paranoid Data Security!! elliotfuller Linux - Networking 3 08-26-2005 12:46 AM
What's a good distro if I'm really paranoid about security/viruses? Mr. Hill Linux - Newbie 12 02-23-2005 10:59 PM
Have I been hacked or am I just being paranoid? Kyral Retsam Linux - Security 8 07-15-2004 08:02 PM
PARANOID, Have I been hacked? statmobile Linux - Security 5 04-23-2004 03:18 AM
Maxiumum (paranoid) security LGMike Mandriva 3 09-25-2003 12:27 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:34 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration