A couple questions... I selected medium security when I installed Mandrake 8.0. My root mailbox fills up, seemingly as a result, with security auditing messages about world writeable files being found: Jun 14 04:04:43 localhost : Security Warning: World Writeable files found : Jun 14 04:04:43 localhost : - /etc/.aumixrc Jun 14 04:04:43 localhost : - /etc/X11/lbxproxy Jun 14 04:04:43 localhost : - /etc/X11/proxymngr Jun 14 04:04:43 localhost : - /etc/X11/xserver Jun 14 04:04:43 localhost : - /etc/codepages/codepage.437 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.737 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.850 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.852 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.861 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.866 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.932 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.936 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.949 Jun 14 04:04:43 localhost : - /etc/codepages/codepage.950 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.437 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.737 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.850 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.852 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.861 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.866 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.932 Jun 14 04:04:43 localhost : - /etc/codepages/unicode_map.936 And so forth. Many such files in /etc. There are also a number of these in my home directory and in /lib/modules/2.4.3-10mdk (plus a few others). Again, I did not do anything to alter the perms on these files, they are the default that went with Mandrake 8.0 and medium security install. I would like to tighten things up without overly hindering user abilities to do anything useful on the system (high security setting is terribly hindering for anything like playing games, connecting to the internet, etc). I am somewhat fearful of simply changing the perms on these files en masse because I recently tried this on my home directory as well as in the /tmp directory and it totally wrecked my system. It took me days to get things straightened out and working again. What permissions SHOULD I have on files in my $HOME directory and in /etc and /lib/modules to eliminate them from loading up my root mailbox? They must be perms that don't kill usefulness of the system by users and I don't want to wreck my system as I did before. Any suggestions?
