Bug#734775: tiger: nologin path incorrect in three scripts for debian use

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, The nologin path should be /usr/sbin/nologin for these three instances: /bin/false|/usr/bin/false|/dev/null|/sbin/nologin|/bin/true) /usr/lib/tiger/scripts/check_passwd /bin/false|/usr/bin/false|/sbin/nologin) /usr/lib

Bug#726645: dbus: tiger reports vulnerability with dbus-daemon-launch-helper

Package: dbus Version: 1.6.16-1 Severity: normal The tiger script check_suid does the equivalent of: strings dbus-daemon-launch-helper | grep -E '\.\./' And finds: ../../dbus/dbus-connection.c ../../dbus/dbus-errors.c ../../dbus/dbus-message.c ../../dbus/dbus-pending-call.c ../../dbus/dbus-sig

Bug#725190: tiger: getting misc020f after adding procs to tigerrc

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, I am still getting misc020f after adding suggested /sbin/klogd & /sbin/syslogd to tigerrc Tiger_Running_Procs variable. This was the fix instructed by tigexp. -- System Information: Debian Release: jessie/sid APT prefers un

Bug#725100: tiger: dev003w is thrown on a stock debian install.

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, dev003w & dev002f are thrown on a stock debian install. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architec

Bug#724504: tiger: lin001w is warning me about packages that are generated on the install of the kernel

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, The files lin001w warns me about are generated in the install of the kernel. They should be ignored in tiger by default. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable')

Bug#724335: tiger: misc021w is telling me no umask entry for /etc/init.d/rcS but umask already defined

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** if you do sudo find /etc -type f -exec grep -i umask {} \; -print you will see that umask is defined in login.defs and picked up by pam_umask. There is no re

Bug#724334: tiger: When /var/mail is a logical volume, it should ignore kis008w

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** Ran tiger report and got warning kis008w. When /var/mail is a logical volume, tiger should ignore this. *** End of the template - remove these lines ***

Bug#724328: tiger: perm023a alert when setuid/setguid is set to default permissions

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** * Ran a tiger report and received perm023a alerts for permissions settings which were not different than default debian settings. /bin/su setuid to 'root'

Bug#723101: tiger looking for boot.conf instead of boot.cfg

Package: tiger Version: 1:3.2.3-11 Severity: normal Dear Maintainer, * I ran a tiger report, and I was given the boot03w warning. Tiger is looking for my boot configuration file in boot.conf. This debian install by default has boot.cfg instead of boot.conf. * I expected tiger to see the b

Bug#720581: login package provides wrong dir for nologin

Package: login Version: 1:4.1.5.1-1 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up to the situation? Tiger security tool warning * What exactly did you do (or not do) that was effective (or ineffective)? ran tiger s

Bug#720350: (no subject)

Package: login Version: 1:4.1.5.1-1 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action