RE: testing owner files and integrity

To: "Samu" <samu@mclink.it>, <debian-security@lists.debian.org>
Subject: RE: testing owner files and integrity
From: "smoky" <smoky@secsi.net>
Date: Mon, 30 Apr 2001 09:19:22 -0700
Message-id: <GIEJKCMKLMCIOOJGINAJGEIHCEAA.smoky@secsi.net>
In-reply-to: <20010430165344.A4932@linuxasylum.net>

it'd be easy to create a couple scripts to do that for you
something along the lines of (there may be errors :)

--- log ownership ---
#!/bin/sh
find / -printf "%u.%g %p" >/var/log/system.owernship
--- end ---

--- restore ownership ---
#!/bin/sh
i=1
while true
  do chown $(sed -n ${i}p)
     [ $? -ne 0 ] && exit 0
     let i=i+1
done
--- end ---

there would obviously be other and more efficient ways of doing this, but
this is just an example..


-----Original Message-----
From: Samu [mailto:samu@mclink.it]
Sent: Monday, April 30, 2001 7:54 AM
To: debian-security@lists.debian.org
Subject: testing owner files and integrity


last night i did a chown -R nobody. / as root.
i tried to establish the right owner of all files, so i start to check
how to do that under debian ( i remembered it was possible under rh) and....
surprise nothing.
so i started to manually changin owner of my files ( with the help of
another
machine debian too).

it would be good for dpkg packages to have a list of all permission and
owner
of every file you are installing so it's easier to check this kind of
mistakes
( also it can be helpful to detect trojan  horse ) .

i mean something like aide but implemented on the structure of .deb
packages,
would help sysadm to keep the system as debian suggest.
obviously there are some problems about "customization": e.g. someone wants
tcpdump suid root to permit all his user to watch traffic, so it must be
something which can be suppressed (not like on rh ) but the default
configuration should keep the owner/permission as debian suggest .

what do you think about it ?


thanks
Samuele


--
Samuele Tonon  <samu@mclink.it>
Undergraduate Student  of  Computer Science at  University of Bologna, Italy
System administrator at Computer Science Lab's, University of Bologna, Italy
Founder & Member of A.A.H.T.
UIN 3155609
          	Acid -- better living through chemistry.
			       Timothy Leary


--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

References:
- testing owner files and integrity
  - From: Samu <samu@mclink.it>

Prev by Date: Re: testing owner files and integrity
Next by Date: Got root?
Previous by thread: Re: testing owner files and integrity
Next by thread: Got root?
Index(es):
- Date
- Thread