diff options
author | brooks <brooks@FreeBSD.org> | 2010-11-13 00:40:43 +0000 |
---|---|---|
committer | brooks <brooks@FreeBSD.org> | 2010-11-13 00:40:43 +0000 |
commit | 479b7f42883a475385c5a0203d82972be32f2bdb (patch) | |
tree | 1af23fa60f8e4b198022f866236556ba866c040d /etc/defaults | |
parent | 7b0aabca30b272cae8800569e8681db7f9b58c0d (diff) | |
download | FreeBSD-src-479b7f42883a475385c5a0203d82972be32f2bdb.zip FreeBSD-src-479b7f42883a475385c5a0203d82972be32f2bdb.tar.gz |
Add an (off by default) check for negative permissions (where the
group on a object has less permissions that everyone). These
permissions will not work reliably over NFS if you have more than
14 supplemental groups and are usually not what you mean.
MFC after: 1 week
Diffstat (limited to 'etc/defaults')
-rw-r--r-- | etc/defaults/periodic.conf | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/defaults/periodic.conf b/etc/defaults/periodic.conf index 8267ac7..29e3b00 100644 --- a/etc/defaults/periodic.conf +++ b/etc/defaults/periodic.conf @@ -160,6 +160,9 @@ daily_status_security_diff_flags="-b -u" # flags for diff output # 100.chksetuid daily_status_security_chksetuid_enable="YES" +# 110.neggrpperm +daily_status_security_neggrpperm_enable="NO" + # 200.chkmounts daily_status_security_chkmounts_enable="YES" #daily_status_security_chkmounts_ignore="^amd:" # Don't check matching |