Re: [PATCH] Tighten /etc/crontab permissions
From: Doug Barton (DougB_at_FreeBSD.org)
Date: 08/12/04
- Previous message: Xin LI: "Re: [PATCH] Tighten /etc/crontab permissions"
- In reply to: Xin LI: "Re: [PATCH] Tighten /etc/crontab permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Aug 2004 21:57:01 -0700 (PDT) To: Xin LI <delphij@frontfree.net>
On Thu, 12 Aug 2004, Xin LI wrote:
> I think I would want to compromise at this point ;) In addition of this,
> personally I suggest the following changes to be made:
>
> - Provide an option in sysinstall so users will be instructed
> to choose whether to ``lockdown'' their systems as soon as
> the configuration is completed. Also, include this utility
> in the installation disc.
> - Add a new security audit script which will tell admins that
> the permission of "watched" configurations was altered.
> This might be turned off by default, or even a depency port
> of lockdown, to provide a mechanism to detect potential
> break-ins earlier, and to notice users when something like
> mergemaster or manual etc/ upgrades has reverted the
> permissions.
>
> What do you think about this? Actually the FreeBSD Simplified Chinese
> project is recently coordinating an effort of making an Internationalized
> FreeBSD Installer, I think we will try to implement these
> things if they looks better.
Those sound like good goals, I wish you great luck with them. :)
Doug
--
This .signature sanitized for your protection
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Xin LI: "Re: [PATCH] Tighten /etc/crontab permissions"
- In reply to: Xin LI: "Re: [PATCH] Tighten /etc/crontab permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
