HPE Community
Secure OS Software for Linux
1819803 Members
2987 Online
109607 Solutions
New Discussion юеВ

Paranoid security, bypass resetting permissions

 
SOLVED
Go to solution
Raynald Boucher
Super Advisor

тАО08-26-2003 11:32 AM

тАО08-26-2003 11:32 AM

Paranoid security, bypass resetting permissions

Good Day all,

We have installed Linux (mandrake 9) with a security level of "paranoid". While this is good, it can get quite annoying. for example:
there is a cron job that appears to reset ownership of all subdirectories and files under /var to root with permisions 700 and 600 respectively.
A real pain because no other user can read anything from /var/log.

Is there a way to disable this functionality for /var/log or a subdirectory?

I suspect I could store my reports somewhere else under some /home/ to avoid this problem, but I'd rather know how to configure security properly.

Thanks &
Take care.
0 Kudos
5 REPLIES 5
Kodjo Agbenu
Honored Contributor

тАО08-26-2003 12:17 PM

тАО08-26-2003 12:17 PM

Re: Paranoid security, bypass resetting permissions

I don't know how Mandrake implement this functionality, but I remember in an old SuSE version I used few years ago, there were a file in /etc for configuring that (something like /etc/perms).

Check in Mandrake documentation or simply grep in /etc to find the right config file.

Good luck.

Kodjo
Learn and explain...
0 Kudos
Steven E. Protter
Exalted Contributor

тАО08-26-2003 12:39 PM

тАО08-26-2003 12:39 PM

Re: Paranoid security, bypass resetting permissions

crontab -e

Most likely there will be comments and you can find and modify the offending cron job.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Jean-Pierre Denis
Valued Contributor

тАО08-27-2003 12:14 AM

тАО08-27-2003 12:14 AM

Re: Paranoid security, bypass resetting permissions

Hi,

msec by default is making this happen...

Go look in :
/usr/share/msec

and take a look at the perm.5 file. (this is if you are running msec at level 5. I think "paranoid" which is the highest level is level5.)

you will see this for /var/log:
/var/log/ root.root 711
/var/log/* root.root 600
/var/log/*/* current 600
/var/log/*/*/* current 600
/var/log/*/. current 700

Simply replace the 600 or 700 with the permission you want to set.

Them run msec 5 again and all the permission will be applied to your system.

Thanks,
JP

Open your Mind and use Open Source software...
0 Kudos
Jean-Pierre Denis
Valued Contributor

тАО08-27-2003 12:19 AM

тАО08-27-2003 12:19 AM

Solution

Re: Paranoid security, bypass resetting permissions

Hi again,

instead of changing the file in /usr/share/msec you can create the file /etc/security/msec/perm.local and set your local permission in there.

This will overwrite the change made by perm.5 and if you upgrade msec one of there days your "local" config will be kept.

Thank,
JP



Open your Mind and use Open Source software...
Raynald Boucher
Super Advisor

тАО08-27-2003 06:03 AM

тАО08-27-2003 06:03 AM

Re: Paranoid security, bypass resetting permissions

Merci Jean-Pierre.

I was getting close but got sidetracked by that Python code.

Thanks all.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.