Difference between revisions of "Msec"

From Christoph's Personal Wiki
Jump to: navigation, search
 
(Description)
 
Line 11: Line 11:
 
       from poor security and ease of use, to paranoid  config,  suitable  for
 
       from poor security and ease of use, to paranoid  config,  suitable  for
 
       very sensitive server applications.
 
       very sensitive server applications.
 
+
 
       You must be root to run msec.
 
       You must be root to run msec.
 
       Launch  "msec x" to set you security level to x (x=[0-5]). It'll modify
 
       Launch  "msec x" to set you security level to x (x=[0-5]). It'll modify
Line 23: Line 23:
 
       For  a  fine description of each security level, consult the documenta‐
 
       For  a  fine description of each security level, consult the documenta‐
 
       tion under /usr/share/doc/msec-*/security.txt.
 
       tion under /usr/share/doc/msec-*/security.txt.
 
+
 
       If you want to make  changes  to  the  current  level,  use  /etc/secu‐
 
       If you want to make  changes  to  the  current  level,  use  /etc/secu‐
 
       rity/msec/perm.local to override the permissions/owners/groups (use the
 
       rity/msec/perm.local to override the permissions/owners/groups (use the

Latest revision as of 21:30, 25 March 2016

msec is a package of Mandriva Linux security tools.

Usage

Note: See man page for details.

msec ([-o <option>=<value>...]) ([0-5])

Description

      msec  is  the  main  script  of the msec package. It enables the system
      administrator to change the security level for that  system.   msec  is
      provided  with  six  preconfigured  security levels. These levels range
      from poor security and ease of use, to paranoid  config,  suitable  for
      very sensitive server applications.

      You must be root to run msec.
      Launch  "msec x" to set you security level to x (x=[0-5]). It'll modify
      your system according to security  level  x  features.  Called  without
      argument,  it  will enforce the current security level without lowering
      security.
      All the changes are logged to  syslog(8)  at  the  AUTH  facility  when
      called non interactivelly (by cron for example) or at the LOCAL1 facil‐
      ity when called interactivelly (on the command line  or  from  Mandriva
      Linux Control Center for example).
      For  a  fine description of each security level, consult the documenta‐
      tion under /usr/share/doc/msec-*/security.txt.

      If you want to make  changes  to  the  current  level,  use  /etc/secu‐
      rity/msec/perm.local to override the permissions/owners/groups (use the
      same syntax as /usr/share/msec/perm.*  or use  the  drakperm  graphical
      utility)  and /etc/security/msec/level.local to override the rules (see
      mseclib(3) for details or use the draksec graphical utility).

External links