From f9bef9a3f1471b0068b46d9605f444b6662b77a1 Mon Sep 17 00:00:00 2001 From: "thibault.dewailly" Date: Thu, 21 Apr 2016 11:51:10 +0200 Subject: [PATCH] Added valid suid sgid binaries --- etc/conf.d/12.10_find_suid_files.cfg | 2 +- etc/conf.d/12.11_find_sgid_files.cfg | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/conf.d/12.10_find_suid_files.cfg b/etc/conf.d/12.10_find_suid_files.cfg index 102c278..5235a2f 100644 --- a/etc/conf.d/12.10_find_suid_files.cfg +++ b/etc/conf.d/12.10_find_suid_files.cfg @@ -2,4 +2,4 @@ status=disabled # Put Here your valid suid binaries so that they do not appear during the audit -EXCEPTIONS="/bin/mount /bin/ping /bin/ping6 /bin/su /bin/umount /usr/bin/chfn /usr/bin/chsh /usr/bin/fping /usr/bin/fping6 /usr/bin/gpasswd /usr/bin/mtr /usr/bin/newgrp /usr/bin/passwd /usr/bin/sudo /usr/bin/sudoedit /usr/lib/openssh/ssh-keysign /usr/lib/pt_chown" +EXCEPTIONS="/bin/mount /bin/ping /bin/ping6 /bin/su /bin/umount /usr/bin/chfn /usr/bin/chsh /usr/bin/fping /usr/bin/fping6 /usr/bin/gpasswd /usr/bin/mtr /usr/bin/newgrp /usr/bin/passwd /usr/bin/sudo /usr/bin/sudoedit /usr/lib/openssh/ssh-keysign /usr/lib/pt_chown /usr/bin/at" diff --git a/etc/conf.d/12.11_find_sgid_files.cfg b/etc/conf.d/12.11_find_sgid_files.cfg index 066ca9e..d51d727 100644 --- a/etc/conf.d/12.11_find_sgid_files.cfg +++ b/etc/conf.d/12.11_find_sgid_files.cfg @@ -1,4 +1,4 @@ # Configuration for script of same name status=disabled # Put here valid binaries with sgid enabled separated by spaces -EXCEPTIONS="/sbin/unix_chkpwd /usr/bin/bsd-write /usr/bin/chage /usr/bin/crontab /usr/bin/expiry /usr/bin/mutt_dotlock /usr/bin/screen /usr/bin/ssh-agent /usr/bin/wall /usr/sbin/postdrop /usr/sbin/postqueue" +EXCEPTIONS="/sbin/unix_chkpwd /usr/bin/bsd-write /usr/bin/chage /usr/bin/crontab /usr/bin/expiry /usr/bin/mutt_dotlock /usr/bin/screen /usr/bin/ssh-agent /usr/bin/wall /usr/sbin/postdrop /usr/sbin/postqueue /usr/bin/at /usr/bin/dotlockfile /usr/bin/mail-lock /usr/bin/mail-touchlock /usr/bin/mail-unlock"