Re: The harden-*flaws packages.
On Mon, Sep 02, 2002 at 04:09:21PM +0200, Ola Lundqvist wrote:
> > If you want a program to check for security flaws please use one designed for that
> > precisely. Tiger is such a program. Just have the *flaws package recommend: or
> > depend: on tiger.
> On the other hand tigher does a lot of other things too. But the link
> you gave me was very interesting.
Tiger can be configured easily to just check *one* thing. Just customize the cron
job at will.
> Agreed. Without having too much digging in tiger it might be a good
> idea. The contact I have had with tiger is not very pleasant because it
> bugged me with a lot of non-issues. That is maybe the reason why I
> deinstalled it. :)
There are still false positives in tiger, the template mechanism, however, takes
care so that an admin just sees a security warning *once* and not in every run of
the security test script (It's a simple diff, mind you, but it works)