summaryrefslogtreecommitdiff
path: root/libexec/security
AgeCommit message (Expand)Author
2020-10-11Don't skip file systems just because the parent fs is nodev and nosuid.Todd C. Miller
2020-09-17afs, nnpfs, and procfs are no longer supported,Ingo Schwarze
2020-09-14Do not bother scanning file systems that are both nodev and nosuidIngo Schwarze
2016-12-27Remove user uucp and group news from base.Jeremie Courreges-Anglas
2016-10-22When checking ownership and modes of files in /var/mail/,Ingo Schwarze
2015-07-21When reading untrusted user files, don't risk blocking, such thatIngo Schwarze
2015-04-21When diff(1) finds differences, it returns an exit status of 1.Ingo Schwarze
2015-03-27In mount(8) output, do not misparse lines where fs_spec ends with theIngo Schwarze
2015-03-27If /etc/passwd contains incomplete lines ending before theIngo Schwarze
2014-12-04AnonCVS is designed to work with a user account that has no password and aIngo Schwarze
2014-07-14The file /etc/exports is now optional and not installed by default,Ingo Schwarze
2014-06-26Do not redirect STDERR of the main security(8) script to /dev/null,Ingo Schwarze
2014-06-24The Perl close() function, when called on pipe file descriptors,Ingo Schwarze
2014-06-24Do not try to pass potentially non-existent array elements intoIngo Schwarze
2014-04-29tedu ~/.kloginDavid Coppa
2014-04-21check perms on .ssh/id_ed25519; Fritjof BornebuschStuart Henderson
2014-04-20check_hosts_equiv -> check_hosts_lpdAntoine Jacoutot
2014-03-23don't check ftpusers in security(8), from gsoares@, ok afresh1@ schwarze@Stuart Henderson
2013-03-21Correct the last change to untaint $fmt; it caused the final parameter ofStuart Henderson
2013-03-19Untaint a variable used in an sprintf format string by using a regex and back-Stuart Henderson
2013-03-18create an empty %skip even if SUIDSKIP is not set, newer perl complains.Stuart Henderson
2013-03-18Enclose qw()...) literals in parentheses where required; this was historicallyStuart Henderson
2012-07-08To detect changes of system files, use SHA-256 rather than MD5,Ingo Schwarze
2012-05-17Also check permissions of .ssh/id_ecdsa.Pascal Stumpf
2011-07-20During mailbox and special file checks, skip all files that can'tIngo Schwarze
2011-07-20In lists of setuid/setgid files and devices, do not pad the last columnIngo Schwarze
2011-06-20Restore changelist(5) wildcard support that we inadvertently killedIngo Schwarze
2011-05-25Fix two bugs where race conditions might cause stat(2) to fail,Ingo Schwarze
2011-05-10Do not complain about an /etc/group line "+\n" as "wrong number of fields",Ingo Schwarze
2011-04-23When a device or setuid file is owned by a nonexistent user or group,Ingo Schwarze
2011-04-23Very nice bugfix from Andrew Fresh, who writes:Ingo Schwarze
2011-04-17remove a bogus blank line; from Andrew FreshIngo Schwarze
2011-04-17Keep the exact format of the message:Ingo Schwarze
2011-04-10Reviewing my version of the code, Andrew Fresh found an elegant way toIngo Schwarze
2011-04-09implement one last check that Andrew overlookedIngo Schwarze
2011-04-09implementation of the remaining checks;Ingo Schwarze
2011-03-30style cleanup:Ingo Schwarze
2011-03-26umask and path checks;Ingo Schwarze
2011-03-25home directory checks;Ingo Schwarze
2011-03-24fix "german" typo; from <markus dot lude at gmx dot de>Ingo Schwarze
2011-03-23Work in progress to replace /etc/security, not yet linked to the build.Ingo Schwarze