yeah, i think that is one thing mandrake could really really improve. Msec has the potential to be a really fantastic hardning script.. But as it stands now, even on servers i use level 3 and tighten up manually.
it needs a console and/or a X11 GUI.. Just something where it displays the level, and gives you a list of the msec options so you check and uncheck specific settings. (rather then just choosing a level.) It could be done without changing any of its current functionality I'd imagine.) that would serve two benefits.. 1. tells you want msec is actually doing at a given level. 2. allows you to easily stop it.. or enable it. personally i think a console GUI'd be fine, but suspect others would prefer X11. and if its the latter, it could be part of control center. rgds Franki -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Vox Sent: Thursday, 3 July 2003 6:44 AM To: [EMAIL PROTECTED] Subject: Re: [expert] Security and permissions problems On September 1993 plus 3591 days Praedor Atrebates wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > After I originally found that all users could see other user's home contents, > I tried first changing to security level 3. Someone else mentioned I could > set the home permission to 700. > > Both methods have screwed up my system and I can't seem to get it back even > though I switched to security level 2. My system is OK at the moment but > there will come a time (how long it takes is unknown as yet) when all of a > sudden, I cannot open konsoles, xterms, or start any app for that matter. > The perms on my home directory will change that will 1) prevent KDE from > working because it can't get write permissions to my home, and 2) kmail wont > be able to download/store email because it wont have write permission to my > ~/Mail directories. I have had to twice login as root and chown > praedor.praedor /home/praedor and set my home perm to 711, then 755. > > I restarted DrakConf and then went to Drakperms and set the security level to > 2 and made sure that /home/* was no longer editable and no longer 700 but > nevertheless I get this repetitious problem. > > What security level will allow users to actually USE their home directories, > window managers, etc, without problems but also prevent other users from > looking at the contents of their HOME dirs? Uhm...I use msec3 always, on all machines, and never have problems using any apps...I think you messed up the perms in drakperms in some way. What I *have* noticed a couple of times (not tried lately...this happened in the 8.x days) is that if you go from a higher level to a lower level of msec, some perms do get messed up and you have to fix them by hand before msec will start listening to you again. But that happened both times going from 5 to 3, and the problems you are referring to are not problems that I can relate to 3 in any way. Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr.
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
