[Cooker] [Bug 1739] [msec] changing CHECK_PROMISC to no in /etc/security/msec/security.conf is ineffective !

Fri, 07 Mar 2003 07:44:29 -0800 

http://qa.mandrakesoft.com/show_bug.cgi?id=1739





------- Additional Comments From [EMAIL PROTECTED]  2003-03-07 16:10 -------
OK, thanks for the clarification but : 
 
1. this is poorly documented that this file only pertains to the report parts 
 
2. is setting this variable the same as putting in security.conf the line: 
set security_conf(CHECK_PROMISC, no)  ? 
if yes, then : 
 
a. the man mseclib documentation does not state clearly these variables control the 
msec report sections only 
 
b. why do we have 2 places for the same controls 
 
3. setting enable_promisc_check(0) in security.conf does not work either (in fact it 
was already set to 0 in my example). 



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



------- Reminder: -------
assigned_to: [EMAIL PROTECTED]
status: RESOLVED
creation_date: 
description: 
# ls -l /etc/cron.d/msec 
-rw-r--r--    1 root     root           56 f�v  5 10:01 /etc/cron.d/msec 
[EMAIL PROTECTED] root]# cat /etc/cron.d 
cron.d      cron.daily 
[EMAIL PROTECTED] root]# cat /etc/cron.d/msec 
*/1 * * * *    root    /usr/share/msec/promisc_check.sh 
[EMAIL PROTECTED] root]# cat /etc/security/msec/ 
level.local    perm.local     security.conf  server.4       server.5 
[EMAIL PROTECTED] root]# cat /etc/security/msec/se 
security.conf  server.4       server.5 
[EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf 
TTY_WARN=no 
SYSLOG_WARN=no 
MAIL_WARN=yes 
MAIL_USER=root 
CHECK_UNOWNED=yes 
CHECK_SHADOW=yes 
CHECK_SUID_MD5=yes 
CHECK_SECURITY=yes 
CHECK_PASSWD=yes 
CHECK_SUID_ROOT=yes 
CHECK_PERMS=yes 
CHECK_PROMISC=yes 
CHECK_WRITABLE=yes 
CHECK_OPEN_PORT=yes 
CHECK_SGID=yes 
CHKROOTKIT_CHECK=yes 
RPM_CHECK=yes 
[EMAIL PROTECTED] root]# vi /etc/security/msec/security.conf 
[EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf 
TTY_WARN=no 
SYSLOG_WARN=no 
MAIL_WARN=yes 
MAIL_USER=root 
CHECK_UNOWNED=yes 
CHECK_SHADOW=yes 
CHECK_SUID_MD5=yes 
CHECK_SECURITY=yes 
CHECK_PASSWD=yes 
CHECK_SUID_ROOT=yes 
CHECK_PERMS=yes 
CHECK_PROMISC=no 
CHECK_WRITABLE=yes 
CHECK_OPEN_PORT=yes 
CHECK_SGID=yes 
CHKROOTKIT_CHECK=yes 
RPM_CHECK=yes 
[EMAIL PROTECTED] root]# msec 
[EMAIL PROTECTED] root]# cat /etc/security/msec/security.conf 
TTY_WARN=no 
SYSLOG_WARN=no 
MAIL_WARN=yes 
MAIL_USER=root 
CHECK_UNOWNED=yes 
CHECK_SHADOW=yes 
CHECK_SUID_MD5=yes 
CHECK_SECURITY=yes 
CHECK_PASSWD=yes 
CHECK_SUID_ROOT=yes 
CHECK_PERMS=yes 
CHECK_PROMISC=no 
CHECK_WRITABLE=yes 
CHECK_OPEN_PORT=yes 
CHECK_SGID=yes 
CHKROOTKIT_CHECK=yes 
RPM_CHECK=yes 
[EMAIL PROTECTED] root]# cat /etc/cron.d/msec 
*/1 * * * *    root    /usr/share/msec/promisc_check.sh 
[EMAIL PROTECTED] root]# ls -l /etc/cron.d/msec 
-rw-r--r--    1 root     root           56 f�v  5 10:01 /etc/cron.d/msec 
[EMAIL PROTECTED] root]# 
 
the cron job has not been removed !

Reply via email to