Craig Dickson <[EMAIL PROTECTED]> writes: > > I have installed tiger and am now in the process of going through its > > warnings. Some of them I do not understand even though I looked at the > > tigexp output. > > > > --WARN-- [kis008w] File "xxx" in the mail spool, owned by `0'. > > > > But this mail file belongs to xxx as is shown for instance by ls -l: > > -rw-r--r-- 1 xxx mail 4201731 Oct 24 06:02 xxx > > > > From where does tiger get the idea that the file xxx does not belong > > to xxx? What should I do about this message? If it is some false > > positive of tiger, how would I stop it? > > Look in /etc/passwd and see what the UID of user xxx is. If it's zero, > and xxx is not root, then that could be a problem. On a Unix-like system, > UID 0 is root; anyone with UID 0, no matter what their name is, is root.
On my system only "root" has UID 0, xxx has a different one. Any other suggestion? > > 2.) # Performing check of anonymous FTP... > > --WARN-- [ftp006w] Anonymous FTP enabled, but directory does not exist. > > > > I don't have any ftp server installed or even running, trying to > > connect to my box results in: > > > > ftp: connect: Connection refused > > > > So from where does tiger get the idea that Anonymous FTP is enabled? > > I saw that too. I don't know. My guess is that tiger is stupid. > > I installed tiger a few months ago when the harden-* packages appeared. > It started generating all sorts of complaints. Some of them made sense, > so I resolved those issues. But there was a core group of complaints that > made no sense and would not go away. Some of them, such as this anon-ftp > thing, were so silly that I completely lost confidence in tiger as a > useful tool for my system. So I got rid of tiger. Did you replace tiger with another security auditing tool? If so, I would be interested in hearing about this other tool and your experiences with it. Thanks a lot. Andreas Gösele
