[Bug 165311] New: Review Request: Tiger, security auditing on UNIX systems
bugzilla at redhat.com
Sun Aug 7 16:32:28 UTC 2005
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165311
Summary: Review Request: Tiger, security auditing on UNIX systems
Product: Fedora Extras
Version: devel
Platform: All
URL: http://www.nongnu.org/tiger/
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: Package Review
AssignedTo: gdk at redhat.com
ReportedBy: gauret at free.fr
QAContact: dkl at redhat.com
CC: fedora-extras-list at redhat.com
Spec: http://gauret.free.fr/fichiers/rpms/fedora/tiger.spec
SRPM: http://gauret.free.fr/fichiers/rpms/fedora/tiger-3.2.1-1.src.rpm
Description:
Tiger is a set of bash scripts to run automatic security audits and intrusion detection on Unix systems.
The project had been abandoned since the mid-90s, and got resurrected by one of the main Debian security developers (Javier Fernández-Sanguino).
It proved very useful many times on the Debian servers I manage, and I'm pretty sure it could be as useful on Fedora.
Since Tiger is very system-specific, it needs customization to integrate it into Fedora. Right now, I've only ported Javier's fixes and adaptations for Debian (which is a 20000+ line patch...).
I'd like to make sure it works as is, and I'll add more Fedora-specific checks afterwards (such as "yum check-update", "rpm -V", and maybe even SELinux checks, there's much to do).
So here are the best ways you can review Tiger:
- Check for packaging errors, as usual
- Install it, tweak /etc/tiger/tigerrc a little, run "tiger" and tell me if you have error messages.
- Tell me what false-positive alerts you get in the previous command so I can add them to /etc/tiger/tiger.ignore
- Look into /etc/tiger/tiger.ignore and tell me if you think I've ignored something valid
- Please review my one-liner patch for a C program not compiling with gcc4, as I really don't know C...
- Tell me where Tiger could be better integrated into Fedora
When you run "tiger", all checks enabled in /etc/tiger/tigerrc are run. But there is also an automatic testing system, where the scripts are run at different times according to /etc/tiger/cronrc. If you can, please run each script in this crontab and tell me which false positives you get.
One of Tiger's best features is to report only what's changed since the last run (configurable in /etc/tiger/tigerrc), but it does not mean we should not get rid of false positives in the first place.