HardenedBSD merge requests
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/merge_requests
2023-08-13T07:39:30Z

https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/merge_requests/91
HBSD: Check root permissions before updating the system
2023-08-13T07:39:30Z
Mr. UNIX

When you run `hbsd-update` with no root permissions, it'll download the update and then fail to install it. I think it makes sense to check for root permissions before it starts downloading the update.

Shawn Webb

https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/merge_requests/52
HBSD: add HBSD_LOG_SUID_SGID option
2023-02-05T16:07:44Z
Loic

```
HBSD: add HBSD_LOG_SUID_SGID option
Added HBSD_LOG_SUID_SGID that can be used to audit a strange system behavior.
The option is not added to replace auditd which is more comprehensive,
it is intended to provide a simple analysis that can be activated simply and quickly at any time.
The option is disabled by default but it is easily activated via sysctl:
sysctl kern.features.hbsd_log_suid_sgid=1
Then you can analyze the logs in this way:
dmesg | grep SUID
[123] [HBSD INTERNAL] uid=1001 exec /usr/local/bin/sudo (SUID/SGID)
Signed-off-by: Loic <loic.f@hardenedbsd.org>
Reviewed-by: Shawn Webb <shawn.webb@hardenedbsd.org>
```
Loic