rpms/sectool/F-9 sectool-0.7.4-filesystem.patch, NONE, 1.1 .cvsignore, 1.7, 1.8 sectool.spec, 1.7, 1.8 sources, 1.7, 1.8

Thu May 22 12:42:32 UTC 2008

Author: pvrabec

Update of /cvs/extras/rpms/sectool/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13460

Modified Files:
	.cvsignore sectool.spec sources 
Added Files:
	sectool-0.7.4-filesystem.patch 
Log Message:
upgrade


sectool-0.7.4-filesystem.patch:

--- NEW FILE sectool-0.7.4-filesystem.patch ---

diff --git a/src/filesystem.c b/src/filesystem.c
index eab000f..c28901b 100644
--- a/src/filesystem.c
+++ b/src/filesystem.c
@@ -48,14 +48,14 @@ struct envinit_t vars[]={
  *  Error IDs
  */
 #define ID_DIRWORLDW        1
-#define ID_FILEWORLDGROUPWX 2
+#define ID_FILEGROUPWX      2
 #define ID_FILEWORLDW       3
 #define ID_GROUPNOTFOUND    4
 #define ID_NOPKG            5
 #define ID_SUIDSCRIPT       6
 #define ID_USERNOTFOUND     7
 #define ID_WRONGSYMLINK     8
-
+#define ID_FILEWORLDWX      9
 
 #define MAX_DIR_STACK_SIZE  16384
 
@@ -223,9 +223,12 @@ void check_object (const char *path, const struct stat *s) {
       }
       
       /* executable and world/group writable */
-      if ((s->st_mode&(S_IXUSR|S_IXGRP|S_IXOTH)) &&
-	  (s->st_mode&(S_IWGRP|S_IWOTH))) {
-	report (WARNING, ID_FILEWORLDGROUPWX, "File \"%s\" is executable and world/group writable.\n", path);
+      if ((s->st_mode&(S_IXUSR|S_IXGRP|S_IXOTH))) {
+	if (s->st_mode&(S_IWOTH)) {
+	  report (ERROR, ID_FILEWORLDWX, "File \"%s\" is executable and world writable.\n", path);
+	} else if (s->st_mode&(S_IWGRP)) {
+	  report (WARNING, ID_FILEGROUPWX, "File \"%s\" is executable and group writable.\n", path);
+	}	
       }
 
       /* SUID script */


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/sectool/F-9/.cvsignore,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- .cvsignore	28 Apr 2008 15:51:41 -0000	1.7
+++ .cvsignore	22 May 2008 12:41:50 -0000	1.8
@@ -1 +1 @@
-sectool-0.7.3.tar.bz2
+sectool-0.7.4.tar.bz2


Index: sectool.spec
===================================================================
RCS file: /cvs/extras/rpms/sectool/F-9/sectool.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- sectool.spec	28 Apr 2008 15:51:41 -0000	1.7
+++ sectool.spec	22 May 2008 12:41:50 -0000	1.8
@@ -1,15 +1,14 @@
 Summary: A security audit system and intrusion detection system
 Name: sectool
-Version: 0.7.3
-Release: 1%{?dist}
+Version: 0.7.4
+Release: 2%{?dist}
 URL: https://hosted.fedoraproject.org/sectool/wiki/WikiStart
 Source0: %{name}-%{version}.tar.bz2
+Patch1: sectool-0.7.4-filesystem.patch
 License: GPLv2+
 Group: Applications/System
-BuildRoot: %{_tmppath}/%{name}-%{version}-root
-BuildArch: noarch
-Requires: python2 gettext coreutils
-BuildRequires: desktop-file-utils gettext intltool
+Requires: python2 gettext coreutils rpm-python
+BuildRequires: desktop-file-utils gettext intltool rpm-devel
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %package gui
@@ -32,6 +31,7 @@
 
 %prep
 %setup -q
+%patch1 -p1 -b .filesystem
 
 %build
 make %{?_smp_mflags}
@@ -93,6 +93,13 @@
 
 
 %changelog
+* Thu May 22 2008 Peter Vrabec <pvrabec at redhat.com> - 0.7.4-2
+- filesystem: distinguish between world and group +w permission
+
+* Wed May 21 2008 Peter Vrabec <pvrabec at redhat.com> - 0.7.4-1
+- new upstream release, lots of fixes and improvements,
+  see changelog
+
 * Mon Apr 28 2008 Peter Vrabec <pvrabec at redhat.com> - 0.7.3-1
 - new upstream release
 - better test integration


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/sectool/F-9/sources,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- sources	28 Apr 2008 15:51:41 -0000	1.7
+++ sources	22 May 2008 12:41:50 -0000	1.8
@@ -1 +1 @@
-989a9a8c02ce89bd3fb107157f97ade0  sectool-0.7.3.tar.bz2
+dd2c9dd80c237fc47f66c33b363ec01a  sectool-0.7.4.tar.bz2


