Summary: Review Request: Tiger, security auditing on UNIX systems

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165311

bugzilla@xxxxxxxxxx changed:

           What    |Removed                          |Added
----------------------------------------------------------------------------
                 CC|fedora-extras-list@xxxxxxxxxx    |
                 CC|                                 |fedora-package-review@xxxxxxxxxx

------- Additional Comments From fedora@xxxxxxxxxxxxxxx  2006-04-22 10:54 EST -------

Not an official review, but some comments:

1) Some suspicious errors during %install phase:

    Copying miscellaneous dirs...
    tar: ./check.d/README.doc: Cannot open: Permission denied
    tar: Error exit delayed from previous errors
    tar: ./html/integrit.html.doc: Cannot open: Permission denied
    tar: ./html/ndd.html.doc: Cannot open: Permission denied
    tar: ./html/ssh.html.doc: Cannot open: Permission denied
    tar: ./html/aide.html.doc: Cannot open: Permission denied
    tar: ./html/rootkit.html.doc: Cannot open: Permission denied
    tar: Error exit delayed from previous errors
    tar: ./systems/Linux/2/check_xinetd.scripts: Cannot open: Permission denied
    tar: Error exit delayed from previous errors
    Copying miscellaneous files...
    Copying scripts...
    sed: can't read ./systems/Linux/2/check_xinetd.scripts: Permission denied
    Copying platform scripts...
    cp: cannot open `./systems/Linux/2/check_xinetd.scripts' for reading: Permission denied

2) In /usr/lib/tiger/systems/Linux/2/ some files have an equivalent ending in
.orig or .old, which are probably backups left during development. I suggest
not packaging these files:

    [joost@alexandria SPECS]$ rpm -qil tiger | grep orig
    /usr/lib/tiger/systems/Linux/2/check_listeningprocs.orig
    /usr/lib/tiger/systems/Linux/2/gen_passwd_sets.orig
    [joost@alexandria SPECS]$ rpm -qil tiger | grep old
    /usr/lib/tiger/systems/Linux/0/gen_cron.old
    /usr/lib/tiger/systems/Linux/2/services.old

3) In /usr/lib/tiger/systems/Linux/2/ most files have an equivalent ending in
.scripts, which are clearly leftovers from an earlier stage of development and
left abandoned in 2003. The equivalent files without the .scripts extension all
have inline comments dated 2005. I suggest not packaging these .scripts files
either, unless there is a reason for these that I don't understand.

4) rpmlint errors and warnings:

    [joost@alexandria SPECS]$ rpmlint /home/joost/Development/rpm/RPMS/i386/tiger-3.2.1-2.i386.rpm
    W: tiger conffile-without-noreplace-flag /etc/cron.d/tiger
    W: tiger conffile-without-noreplace-flag /etc/tiger/cronrc
    W: tiger conffile-without-noreplace-flag /etc/tiger/tiger.ignore
    W: tiger conffile-without-noreplace-flag /etc/tiger/tigerrc
    E: tiger zero-length /usr/lib/tiger/systems/default/suid_list
    E: tiger non-readable /etc/tiger/tigerrc 0640
    E: tiger non-readable /etc/tiger/tiger.ignore 0600
    E: tiger non-standard-dir-perm /var/log/tiger 0700
    W: tiger file-not-utf8 /usr/share/man/man8/tiger.8.gz
    E: tiger non-readable /etc/tiger/cronrc 0640
    W: tiger symlink-should-be-relative /usr/lib/tiger/tigexp /usr/sbin/tigexp
    E: tiger non-standard-dir-perm /etc/tiger 0700
    E: tiger zero-length /usr/lib/tiger/systems/default/rel_file_exp_list
    E: tiger zero-length /usr/lib/tiger/systems/Linux/2/rel_file_exp_list
    E: tiger non-standard-dir-perm /var/run/tiger/work 0700
    E: tiger zero-length /usr/lib/tiger/systems/Linux/2/check_xinetd.scripts
    E: tiger script-without-shellbang /usr/lib/tiger/systems/Linux/2/check_xinetd.scripts
    W: tiger devel-file-in-non-devel-package /usr/lib/tiger/version.h
    W: tiger log-files-without-logrotate /var/log/tiger

Hope this is helpful.