Age | Commit message (Expand) | Author |
2020-10-11 | Don't skip file systems just because the parent fs is nodev and nosuid. | Todd C. Miller |
2020-09-17 | afs, nnpfs, and procfs are no longer supported, | Ingo Schwarze |
2020-09-14 | Do not bother scanning file systems that are both nodev and nosuid | Ingo Schwarze |
2016-12-27 | Remove user uucp and group news from base. | Jeremie Courreges-Anglas |
2016-10-22 | When checking ownership and modes of files in /var/mail/, | Ingo Schwarze |
2015-07-21 | When reading untrusted user files, don't risk blocking, such that | Ingo Schwarze |
2015-04-21 | When diff(1) finds differences, it returns an exit status of 1. | Ingo Schwarze |
2015-03-27 | In mount(8) output, do not misparse lines where fs_spec ends with the | Ingo Schwarze |
2015-03-27 | If /etc/passwd contains incomplete lines ending before the | Ingo Schwarze |
2014-12-04 | AnonCVS is designed to work with a user account that has no password and a | Ingo Schwarze |
2014-07-14 | The file /etc/exports is now optional and not installed by default, | Ingo Schwarze |
2014-06-26 | Do not redirect STDERR of the main security(8) script to /dev/null, | Ingo Schwarze |
2014-06-24 | The Perl close() function, when called on pipe file descriptors, | Ingo Schwarze |
2014-06-24 | Do not try to pass potentially non-existent array elements into | Ingo Schwarze |
2014-04-29 | tedu ~/.klogin | David Coppa |
2014-04-21 | check perms on .ssh/id_ed25519; Fritjof Bornebusch | Stuart Henderson |
2014-04-20 | check_hosts_equiv -> check_hosts_lpd | Antoine Jacoutot |
2014-03-23 | don't check ftpusers in security(8), from gsoares@, ok afresh1@ schwarze@ | Stuart Henderson |
2013-03-21 | Correct the last change to untaint $fmt; it caused the final parameter of | Stuart Henderson |
2013-03-19 | Untaint a variable used in an sprintf format string by using a regex and back- | Stuart Henderson |
2013-03-18 | create an empty %skip even if SUIDSKIP is not set, newer perl complains. | Stuart Henderson |
2013-03-18 | Enclose qw()...) literals in parentheses where required; this was historically | Stuart Henderson |
2012-07-08 | To detect changes of system files, use SHA-256 rather than MD5, | Ingo Schwarze |
2012-05-17 | Also check permissions of .ssh/id_ecdsa. | Pascal Stumpf |
2011-07-20 | During mailbox and special file checks, skip all files that can't | Ingo Schwarze |
2011-07-20 | In lists of setuid/setgid files and devices, do not pad the last column | Ingo Schwarze |
2011-06-20 | Restore changelist(5) wildcard support that we inadvertently killed | Ingo Schwarze |
2011-05-25 | Fix two bugs where race conditions might cause stat(2) to fail, | Ingo Schwarze |
2011-05-10 | Do not complain about an /etc/group line "+\n" as "wrong number of fields", | Ingo Schwarze |
2011-04-23 | When a device or setuid file is owned by a nonexistent user or group, | Ingo Schwarze |
2011-04-23 | Very nice bugfix from Andrew Fresh, who writes: | Ingo Schwarze |
2011-04-17 | remove a bogus blank line; from Andrew Fresh | Ingo Schwarze |
2011-04-17 | Keep the exact format of the message: | Ingo Schwarze |
2011-04-10 | Reviewing my version of the code, Andrew Fresh found an elegant way to | Ingo Schwarze |
2011-04-09 | implement one last check that Andrew overlooked | Ingo Schwarze |
2011-04-09 | implementation of the remaining checks; | Ingo Schwarze |
2011-03-30 | style cleanup: | Ingo Schwarze |
2011-03-26 | umask and path checks; | Ingo Schwarze |
2011-03-25 | home directory checks; | Ingo Schwarze |
2011-03-24 | fix "german" typo; from <markus dot lude at gmx dot de> | Ingo Schwarze |
2011-03-23 | Work in progress to replace /etc/security, not yet linked to the build. | Ingo Schwarze |