[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] probem with host-deny.sh

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] probem with host-deny.sh
From: "Norman J Harman Jr. (Surf Admin)" <surfadmin@xxxxxxxxxxx>
Date: Thu, 01 Feb 2007 03:16:44 -0800
Organization: Surfisp.com

On one of my boxes the /var/ossec/active-response/bin/host-deny.sh 
script changes the permissions of /etc/hosts.deny to 600 which causes 
all sorts of problems(at least stunnel fails if hosts.deny is unreadable).

I don't think this is exactly a bug in ossec (I'm not sure what is 
changing umask actually) but I think it is good practice to set the 
permissions of system files that you recreate.   So, I added a chmod 644 
line into host-deny.sh

# Deleting from hosts.deny
elif [ "x${ACTION}" = "xdelete" ]; then
    lock;
    cat /etc/hosts.deny | grep -v "ALL:${IP}$"> /tmp/hosts.deny.$$
    mv /tmp/hosts.deny.$$ /etc/hosts.deny
    chmod 644 /etc/hosts.deny
    unlock;
    exit 0;

Prev by Date: [ossec-list] Re: FW: [ossec-list] Problems with Ossec on AIX
Next by Date: [ossec-list] Two questions in one.
Previous by thread: [ossec-list] Re: Problems with Ossec on AIX
Next by thread: [ossec-list] Two questions in one.
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.