diff options
author | Brooks Davis <brooks@FreeBSD.org> | 2010-11-13 00:40:43 +0000 |
---|---|---|
committer | Brooks Davis <brooks@FreeBSD.org> | 2010-11-13 00:40:43 +0000 |
commit | 7cdc1c00078917c2d9ec80a0deceeb322483cac4 (patch) | |
tree | 1af23fa60f8e4b198022f866236556ba866c040d /etc/defaults/periodic.conf | |
parent | 7e54af083103b4673049b78a19fa755e05e926aa (diff) | |
download | src-7cdc1c00078917c2d9ec80a0deceeb322483cac4.tar.gz src-7cdc1c00078917c2d9ec80a0deceeb322483cac4.zip |
Add an (off by default) check for negative permissions (where the
group on a object has less permissions that everyone). These
permissions will not work reliably over NFS if you have more than
14 supplemental groups and are usually not what you mean.
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=215213
Diffstat (limited to 'etc/defaults/periodic.conf')
-rw-r--r-- | etc/defaults/periodic.conf | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index 8267ac734072..29e3b00a9d8c 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -160,6 +160,9 @@ daily_status_security_diff_flags="-b -u" # flags for diff output # 100.chksetuid daily_status_security_chksetuid_enable="YES" +# 110.neggrpperm +daily_status_security_neggrpperm_enable="NO" + # 200.chkmounts daily_status_security_chkmounts_enable="YES" #daily_status_security_chkmounts_ignore="^amd:" # Don't check matching |