I want to periodically check if ASCII password/config files on Unix have 400 or 600 access. Folders and files are owned by designated group and user. Folders and Files do not have world write access.
Are there any tools/scripts available for this kind of auditing that I can use on Solaris? (7 Replies)
I read somewhere that you should make sure Apache is configured to not allow symbolic links to be followed outside the webroot, as this can compromise security.
I can imagine how this could lead to a security risk:
eg:
Is my assumption correct? -- Is it nothing more than: "its just... (0 Replies)
Hi,
I am doing a services audit on one of our servers at work and I notice that I sometimes have a service with two slightly different prefixes. For example,
S94httpd
K15httpd
Can one of them be safely deleted? (2 Replies)
siad_chk_invoker(3) Library Functions Manual siad_chk_invoker(3)NAME
siad_chk_invoker - check invoker dependent routine for SIA (Security Integration Architecture)
LIBRARY
Standard C library (libc.so and libc.a)
SYNOPSIS
#include <sia.h>
#include <siad.h>
int siad_chk_invoker (void)
DESCRIPTION
siad_chk_invoker()
The siad_chk_invoker() routine is called to verify that the calling program is sufficiently privileged to perform security checks or secu-
rity information updates. Usually only the local security mechanism is configured to perform this check. Although multiple mechanisms can
be utilized.
RETURN VALUES
The siad_chk_invoker() routine returns a bitmapped value which indicate the following status:
SIADSUCCESS Indicates unconditional success. All bits set to 0.
SIADFAIL Indicates conditional failure. Lowest bit set to 1. If other security mechanism are in place, continue.
SIADSTOP Indicates unconditional failure. Do not continue. Second lowest bit set to 1.
ERRORS
The errno values are those returned from the dynamic loader interface, from the (siad_*) routines, or from malloc. Possible errors include
resource constraints (no memory) and various authentication failures.
FILES
/etc/passwd
RELATED INFORMATION siad_chk_user(3), matrix.conf(4)
Security delim off
siad_chk_invoker(3)