All...
We have a standard way of installing and configuring new systems here which
we have stuck to for some time.
Our internal security group have done an audit of two of our new systems set
up in this way, via a bought in package from March. This has come up with
some issues. Some of which I have no issue (no pun intended) with. Some
others I dont have a clue about.
I have checked these on some other systems and they all seem to be the same.
Can anybody offer any comments on the following. ie., what should the
owner, group and protection mask be.
Your help is anticipated and appreciated.
Best regards - Tony Miller
1. /usr/bin/actdgetport is a link to /usr/opt/pm/bin/actdgetport. But
the destination file does not exist. March: "May allow creation by an
unauthorised user". My solution: Have deleted /usr/bin/actdgetport.
Question: Why does the link exist if the destination file does not?
2. As for 1. above but for /usr/bin/activityd --> /usr/opt/pm/bin/activityd
3. /etc/vol/vold_diag/socket - mask is srwxrwxrwx. March: "Most files in
this directory should be controlled so that only owner and group have write
access to the file". This is 0 bytes long. Question: Should this mask be
srwxrwxrwx? Should it be 0 bytes?
4. As 3. but for /etc/vol/vold_request/socket
Quotation: "Is the glass half full or half empty?? ...
Well, drink it anyhow, that's what I say".
Pete Goss.
+-----------------------------------------------------------------+
| TONY MILLER - Systems Projects - VODAFONE LTD, Derby House, |
| Newbury Business Park, Newbury, Berkshire. |
+-------------+---------------------------------------------------+
| Phone | 01635-507687(local) |
| Work email | ANTHONY.MILLER_at_VF.VODAFONE.CO.UK |
| FAX | 01635-233517 |
+-------------+---------------------------------------------------+
Disclaimer: Opinions expressed in this mail are my own and do not
reflect the company view unless explicitly stated. The information
is provided on an 'as is' basis and no responsibility is accepted for
any system damage howsoever caused.
Received on Thu Dec 09 1999 - 11:01:54 NZDT