[prev in list] [next in list] [prev in thread] [next in thread]
List: novalug
Subject: Re: [novalug] What is msec and why is it changing my permissions?
From: donjr <djr1952 () hotpop ! com>
Date: 2006-02-23 11:29:19
Message-ID: 1140694159.10294.214.camel () localhost ! localdomain
[Download RAW message or body]
On Wed, 2006-02-22 at 21:20 -0800, Igor Birman wrote:
> Thanks. These sites are pretty confusing. There does not seem to be
> much documentation for it. I changed the UMASK_USER value from 022 to
> 002 in /etc/sysconfig/msec. I think it will take care of it, but I am
> not sure.
>
> Igor
>
Note I do NOT run Mandrake here or have it installed.
After a quick read through the docs at:
<http://club.mandriva.com/xwiki/bin/KB/SecureSmsec>
I'd suggest either of the following changes:
1) Set CHECK_PERMS to NO.
This would disable the checking of ALL /home directories and files.
{: if you don't have any "bad" and/or "untrusted" users this
wouldn't be opening to big of a security hole. :}
or
2) To the EXCLUDE_REGEXP section add the following three(3) lines:
EXCLUDE_REGEXP=${EXCLUDE_REGEXP}'\|^/home/backup'
EXCLUDE_REGEXP=${EXCLUDE_REGEXP}'\|^/home/elysa'
EXCLUDE_REGEXP=${EXCLUDE_REGEXP}'\|^/home/www'
or another way to EXCLUDE all /home directories/files from checking:
EXCLUDE_REGEXP=${EXCLUDE_REGEXP}'\|^/home'
{: if you don't have any "bad" and/or "untrusted" users this
wouldn't open to big of a security hole. :}
--
--
Don E. Groves, Jr.
$ /usr/games/fortune :
I was gratified to be able to answer promptly, and I did. I said I
didn't know.
-- Mark Twain
_______________________________________________
novalug mailing list
novalug@tux.org
http://www.tux.org/mailman/listinfo/novalug
for subscribe/unsubscribe see web page
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic