[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tiger output - how to interpret, how to resolve?

Andreas Goesele wrote:

> I have installed tiger and am now in the process of going through its
> warnings. Some of them I do not understand even though I looked at the
> tigexp output.
> Two of those I do not understand are the following ones:
> 1.)
> # Performing check of files in system mail spool...
> --WARN-- [kis008w] File "xxx" in the mail spool, owned by `0'.
> But this mail file belongs to xxx as is shown for instance by ls -l:
> -rw-r--r--    1 xxx     mail      4201731 Oct 24 06:02 xxx
> From where does tiger get the idea that the file xxx does not belong
> to xxx? What should I do about this message? If it is some false
> positive of tiger, how would I stop it?

Look in /etc/passwd and see what the UID of user xxx is. If it's zero,
and xxx is not root, then that could be a problem. On a Unix-like system,
UID 0 is root; anyone with UID 0, no matter what their name is, is root.
Usually only the account named root should have UID 0, although if you
have sash installed, you may find that sashroot has UID 0 also.

> 2.)  # Performing check of anonymous FTP... 
> --WARN-- [ftp006w] Anonymous FTP enabled, but directory does not exist.
> I don't have any ftp server installed or even running, trying to
> connect to my box results in:
> ftp: connect: Connection refused
> So from where does tiger get the idea that Anonymous FTP is enabled?

I saw that too. I don't know. My guess is that tiger is stupid.

I installed tiger a few months ago when the harden-* packages appeared.
It started generating all sorts of complaints. Some of them made sense,
so I resolved those issues. But there was a core group of complaints that
made no sense and would not go away. Some of them, such as this anon-ftp
thing, were so silly that I completely lost confidence in tiger as a
useful tool for my system. So I got rid of tiger.


Reply to: