Home > Blogs > admin's blog

LES /usr/local/sbin/les

LES is intended as a facility to quickly & easily secure RedHat/RPM based environments (i.e: turbo linux, open linux). It does such by enforcing root-only permissions on system binaries (binaries that have no place being executed by normal users), enforcing root-only path traversal on system paths, enforcing immutable bit on essential rpm package contents (i.e: coreutils), and enforcing immutable bit on shell profile scripts.

The combined usage of all LES options provides an increased level of local environment security, in the hopes to stem off environment based attacks. Such attacks would consist of back-dooring system binaries; tainting the $PATH
variable to point to alien paths where back-doored binaries are located; alterations to user profile scripts to activate key loggers or process based hi-jacking; traversal exploration of the system paths etc...; the possible attack trends are endless hence the importance of hardening the local environment space.

It is recommended to use this script in conjunction with Linux capability restrictions and disable the  CAP_LINUX_IMMUTABLE privilege to further enhance the security to your environment.

 

# ./install.sh
LES installed
Install path:    /usr/local/les
Config path:     /usr/local/les/conf.les
Executable path: /usr/local/sbin/les

 

# /usr/local/sbin/les -help
LES version 0.2 <se@r-fx.org>
Copyright (C) 2004, R-fx Networks
2004, Ryan MacDonald
This program may be freely redistributed under the terms of the GNU GPL

usage: /usr/local/sbin/les [option] [off/on;0/1]
-da | --disable-all       Disable all options
-ea | --enable-all        Enable all options
-sb | --secure-bin        Set root only execution of critical binaries
-sp | --secure-path       Set root only traversal of critical paths
-sr | --secure-rpmpkg     Set immutable on core rpm package binaries
-so | --secure-prof       Set immutable on interactive login profiles
-sd | --secure-devel      Set access to devel utils for group deva & root

Comments

by admin on Mon, 07/26/2010 - 13:37

/usr/local/sbin/les -ea

version 0.2 <se@r-fx.org>
Copyright (C) 2004, R-fx Networks
2004, Ryan MacDonald
This program may be freely redistributed under the terms of the GNU GPL

Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /bin/dmesg
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /bin/mount
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /bin/rpm
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/write
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/talk
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/ipcrm
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/ipcs
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/free
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/locate
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/wall
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/finger
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /sbin/arp
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /sbin/ifconfig
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/sbin/repquota
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/sbin/tcpdump
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/nmap
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/wget
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/lynx
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/lib/bcc/bcc-cc1
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/perlcc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/byacc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/yacc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/bcc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/cc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/gcc
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/who
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/w
Jul 26 02:56:28 serversignature les(7358): {sec.bin} chmod 700 /usr/bin/nc
Jul 26 02:56:29 serversignature les(7358): {glob} sec.bin enabled
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /home
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /etc
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /var
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /usr/etc
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /usr/local/etc
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /var/log
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /sbin
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /usr/sbin
Jul 26 02:56:29 serversignature les(7358): {sec.path} chmod 711 /usr/local/sbin
Jul 26 02:56:29 serversignature les(7358): {glob} sec.path enabled
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/cmp
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/diff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/diff3
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/sdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/find
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/xargs
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-addr2line
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ar
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-elfcmp
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-elflint
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-findtextrel
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-make-debug-archive
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-nm
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-objdump
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ranlib
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-readelf
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-size
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-strings
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-strip
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-unstrip
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ranlib
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-addr2line
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ar
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-elfcmp
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-elflint
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-findtextrel
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-make-debug-archive
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-nm
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-objdump
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ranlib
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-readelf
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-size
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-strings
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-strip
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-unstrip
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/eu-ranlib
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/combinediff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/dehtmldiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/editdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/espdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/filterdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/fixcvsdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/flipdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/grepdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/interdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/lsdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/recountdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/rediff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/splitdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/unwrapdiff
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/dig
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/host
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/nslookup
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/nsupdate
Jul 26 02:56:29 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/irkbd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/irpsion5
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/dongle_attach
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/findchip
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/irattach
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/irdadump
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/irdaping
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/irnetd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/ping
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/ping6
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/tracepath
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/tracepath6
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/arping
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/ifenslave
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/rdisc
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/arping
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/clockdiff
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/ping6
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/tracepath
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/tracepath6
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/compress-dummy
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/mail-files
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/mailshar
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/remsync
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/shar
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/unshar
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/uudecode
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/uuencode
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/chage
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/faillog
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/gpasswd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/lastlog
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/newgrp
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/sg
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/adduser
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/chpasswd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/groupadd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/groupdel
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/groupmod
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/grpck
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/grpconv
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/grpunconv
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/newusers
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/pwck
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/pwconv
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/pwunconv
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/useradd
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/userdel
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/usermod
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/addr2line
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/ar
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/as
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/c++filt
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/gprof
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/ld
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/nm
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/objcopy
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/objdump
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/ranlib
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/readelf
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/size
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/strings
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/strip
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/lib/libbfd-2.17.50.0.6-14.el5.so
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/lib/libopcodes-2.17.50.0.6-14.el5.so
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/bin/ranlib
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/lib/libbfd-2.17.50.0.6-14.el5.so
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/lib/libopcodes-2.17.50.0.6-14.el5.so
Jul 26 02:56:30 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/doexec
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/ipcalc
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /bin/usleep
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/consoletype
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/fstab-decode
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/genhostid
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/getkey
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/ifdown
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/ifup
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/initlog
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/netreport
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/ppp-watch
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/service
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/setsysfont
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/sys-unconfig
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/sbin/usernetctl
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /lib/udev/rename_device
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/grubby
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/installkernel
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/mkinitrd
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /sbin/new-kernel-pkg
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /lib/bdevid/ata.so
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /lib/bdevid/scsi.so
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /lib/bdevid/usb.so
Jul 26 02:56:31 serversignature les(7358): {sec.rpmpkg} chattr +i /usr/lib/libbdevid.so.5.1.19.6
Jul 26 02:56:31 serversignature les(7358): {glob} sec.rpmpkg enabled
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/profile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/profile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/bashrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/bashrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/csh.login
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/csh.login
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/csh.cshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/csh.cshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/zprofile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/zprofile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/zlogin
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/zlogin
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/zlogout
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/zlogout
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/zshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/zshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /etc/zshenv
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /etc/zshenv
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /root/.bash_profile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /root/.bash_profile
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /root/.bashrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /root/.bashrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /root/.bash_logout
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /root/.bash_logout
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /root/.cshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /root/.cshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chmod 644 /root/.tcshrc
Jul 26 02:56:31 serversignature les(7358): {sec.profile} chattr +i /root/.tcshrc
Jul 26 02:56:31 serversignature les(7358): {glob} sec.profile enabled
group deva does not exist, --secure-devel disabled. else
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/wget
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/wget
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/lynx
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/lynx
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/lib/bcc/bcc-cc1
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/lib/bcc/bcc-cc1
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/perlcc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/perlcc
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/byacc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/byacc
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/yacc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/yacc
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/bcc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/bcc
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/cc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/cc
chown: `root:deva': invalid group
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chmod 750 /usr/bin/gcc
Jul 26 02:56:31 serversignature les(7358): {sec.deva} chown root:deva /usr/bin/gcc
chown: `root:deva': invalid group