Patch against the perm.* files to handle the berkley rtools (this should have done back in msec 0.1). This also follows the policy I'm pushing for (notice in all levels none of the tools are allowed to be setuid).
diff -urN msec-0.18/conf/perm.0 msec/conf/perm.0 --- msec-0.18/conf/perm.0 Mon Jan 28 10:25:56 2002 +++ msec/conf/perm.0 Tue Feb 5 15:54:49 2002 @@ -82,3 +82,8 @@ /var/log/*/. current 755 /var/spool/mail/ root.mail 2775 /var/tmp root.root 777 +/usr/bin/rsh root.root 755 +/usr/bin/rlogin root.root 755 +/usr/bin/rexec root.root 755 +/usr/bin/rsync root.root 755 + diff -urN msec-0.18/conf/perm.1 msec/conf/perm.1 --- msec-0.18/conf/perm.1 Mon Jan 28 12:09:34 2002 +++ msec/conf/perm.1 Tue Feb 5 15:55:04 2002 @@ -83,3 +83,8 @@ /var/log/*/. current 755 /var/spool/mail/ root.mail 2775 /var/tmp root.root 1777 +/usr/bin/rsh root.root 755 +/usr/bin/rlogin root.root 755 +/usr/bin/rexec root.root 755 +/usr/bin/rsync root.root 755 + diff -urN msec-0.18/conf/perm.2 msec/conf/perm.2 --- msec-0.18/conf/perm.2 Mon Jan 28 12:09:34 2002 +++ msec/conf/perm.2 Tue Feb 5 15:55:11 2002 @@ -83,3 +83,8 @@ /var/log/*/. current 755 /var/spool/mail/ root.mail 2775 /var/tmp root.root 1777 +/usr/bin/rsh root.root 755 +/usr/bin/rlogin root.root 755 +/usr/bin/rexec root.root 755 +/usr/bin/rsync root.root 755 + diff -urN msec-0.18/conf/perm.3 msec/conf/perm.3 --- msec-0.18/conf/perm.3 Mon Jan 28 12:09:34 2002 +++ msec/conf/perm.3 Tue Feb 5 15:55:53 2002 @@ -83,3 +83,8 @@ /var/log/*/. current 755 /var/spool/mail/ root.mail 2775 /var/tmp root.root 1777 +/usr/bin/rsh root.root 755 +/usr/bin/rlogin root.root 755 +/usr/bin/rexec root.root 755 +/usr/bin/rsync root.root 755 + diff -urN msec-0.18/conf/perm.4 msec/conf/perm.4 --- msec-0.18/conf/perm.4 Mon Jan 28 20:20:33 2002 +++ msec/conf/perm.4 Tue Feb 5 15:56:41 2002 @@ -83,3 +83,8 @@ /var/log/*/. current 700 /var/spool/mail/ root.mail 771 /var/tmp root.adm 1773 +/usr/bin/rsh root.ntools 751 +/usr/bin/rlogin root.ntools 751 +/usr/bin/rexec root.ntools 751 +/usr/bin/rsync root.ntools 751 + diff -urN msec-0.18/conf/perm.5 msec/conf/perm.5 --- msec-0.18/conf/perm.5 Mon Jan 28 12:09:34 2002 +++ msec/conf/perm.5 Tue Feb 5 15:58:13 2002 @@ -83,3 +83,8 @@ /var/log/*/. current 700 /var/spool/mail/ root.mail 771 /var/tmp root.root 1733 +/usr/bin/rsh root.root 0700 +/usr/bin/rlogin root.root 0700 +/usr/bin/rexec root.root 0700 +/usr/bin/rsync root.root 0700 + -- Bryan Paxton Public PGP key: http://www.deadhorse.net/bpaxton.gpg "What laughter, why joy, when constantly aflame? Enveloped in darkness, don't you look for a lamp?" Dhp. 163
