Re: Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads

To: debian-devel@lists.debian.org
Subject: Re: Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads
From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
Date: Tue, 22 Feb 2011 20:25:03 +0200
Message-id: <[🔎] 84wrksrkow.fsf@sauna.l.org>
In-reply-to: <[🔎] 1297957018.22676.40.camel@tacticus> (Lars Wirzenius's message of "Thu, 17 Feb 2011 15:36:58 +0000")
References: <[🔎] AANLkTin3N3j_Dxds0zVrhhhFgO9MVVJrpg+YYwDVYoNT@mail.gmail.com> <[🔎] 19805.9786.37599.609757@chiark.greenend.org.uk> <[🔎] AANLkTim3=P6Ed-=z+VNPAGvfhm-fh+4Gn32pbSo3mhKK@mail.gmail.com> <[🔎] 20110217145836.GC31448@codelibre.net> <[🔎] AANLkTim_txyuh+zvXyOXHzWTPf8QypYZHj=S+B4ko-J2@mail.gmail.com> <[🔎] 20110217152409.GE31448@codelibre.net> <[🔎] 1297957018.22676.40.camel@tacticus>

Lars Wirzenius <liw@liw.fi> writes:
> The auditor then looks for things in the system, and in home
> directories, which might be problems. For example, if it's meant to be a
> mail server with a lot of security, having telnetd installed and running
> would be a problem for it to flag. Likewise, it might flag home
> directory permissions.

We use tiger for this.

Reply to:

References:
- Default Homedir Permissions
  - From: Olaf van der Spek <olafvdspek@gmail.com>
- Re: Default Homedir Permissions
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Default Homedir Permissions
  - From: Olaf van der Spek <olafvdspek@gmail.com>
- Re: Default Homedir Permissions
  - From: Roger Leigh <rleigh@codelibre.net>
- Re: Default Homedir Permissions
  - From: Olaf van der Spek <olafvdspek@gmail.com>
- Re: Default Homedir Permissions
  - From: Roger Leigh <rleigh@codelibre.net>
- Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads
  - From: Lars Wirzenius <liw@liw.fi>

Prev by Date: Re: New version of DEP-5 parser
Next by Date: Re: re buildd's resolver and package's build deps
Previous by thread: Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads
Next by thread: Re: Auditing systems for default homedir permissions and other potential security risks and also for overly long subjects and needlessly antagonistic mailing list discussion threads
Index(es):
- Date
- Thread