Changelog for LSAT 


- 0.4.4 - 04/19/2002
	- Fixed possible buffer overrun in lsatmain.c
	- Fixed possible buffer overrun/symlink attack in checkftpusers and 
	  checkrc modules. 
	- More typos fixed.
	- Thanks to Nordi for the tipoff on the buffer/symlink attacks I missed 	  while trying to fix them in 0.4.3.
- 0.4.3 - 04/19/2002 -
	- Added checkkbd function to check for strl-alt-del or STOP-A disable.
 	- Fixed file perms. LSAT was not making the output file chmod 0600.
	- Fixed module tempfiles. These were not being created chmod 0600 either.
	- The two above require include fcntl.h. I hope this does not break things.
        - Added more docs to lsatmain.c
- 0.4.2 - 04/18/2002 -
	- Again, more docs/cleanups in lsatmain.c
	- added securitylinks.txt file which has links to security related webpages.
	- Added checkrc module. Checks rc scripts in /etc/rc.d/init.d or 
	  /etc/rcn.d depending on which system it is on.
	- Added checkftpusers module. This checks to see that all users
	  in /etc/passwd are in /etc/ftpusers. 
	- Set umask before writing any files.
	- Set umask back to sensible value, regardless of previous value...
          (done so if user modifies files after running lsat the user will have a sensible umask)
	- lsat bails if it can not set umask.
	- Fixed error msg typos in lsatmain.c, checknet.c and checkfiles.c
- 0.4.0 - 04/15/2002 -
	- Unused vars in checkpkg removed.
	- Fixed bug in checkpasswd. (open file problem)
        - Now using mkstemp in lsatmain.c instead of just making a file.
          (this should be a little more secure in case of a tempfile exploit)
	- Many typos in checkdotfiles fixed.
	- Error msgs in all modules will (should) report module name on error.
	- Now using mkstemp in all modules. 
	- In lsatmain.c default value for distribution variable is now
	  redhat (1), since it errors out if not set at all. - Thanks: nordi
	- Fixed buffer overflow vulnerability in checknet. - Thanks: nordi
	- Fixed possible buffer overrun vulnerability in all modules.
	- Typo in checknet error msg, fixed.
	- more documentation added to lsatmain.c
- 0.3.3 - 04/12/2002 -
	- checkfiles now checks the following:
	  That utmp, wtmp, mtab, mtod are chmod 644
	  That /etc, /usr/etc, /bin, /usr/bin, /sbin, /usr/sbin, /tmp
          and /var/tmp are owned by root.
	- Various minor bugfixes
- 0.3.2 - 04/10/2002 -
	- Minor bugfixes in checkumask file
	- lsatmain.c now checks for redhat or debian distro
	- checkrpms is now checkpkgs and will check rpms if sys is
	  redhat or debs if sys is debian
	- Various small bugfixes
- 0.3.0 - 04/08/2002 -
	- Major bug fixes. After 0.2.0 release it was noted that
	  several check files were still not correct. These have
	  been fixed and tested (RedHat 6.2/sparc).
	- Added checkumask module to check default umasks on system.
	- Updated INSTALL file
	- Updated README.modules
	- Updated README
- 0.2.0 - 04/07/2002 -
	- Major bug fixed. Prior releases have modules which do
	  not fully check for what they are supposed to.
	- Added autoconf feature (thanks Fred Ollinger)
	- Added prelimenary manpage (thanks Fred Ollinger)
- 0.1.9 - 04/07/2002 - 
	- Fixed passwd check. Also includes check for uid=0 on other users.
- 0.1.8 - 04/06/2002 - 
	- Check /dev for non block/char files.
	- xinetd.d check broken on RedHat 7.2 FIXED
	- Added module for checking /etc/passwd. BROKEN.
- 0.1.7 - 04/05/2002 -
	- Added check for .rhosts/.netrc files to checkdotfiles module.
	- Added check for non block/char files in /dev to checkset module. 
	- xinetd.d checking is functional in checkinetd module.
	- verbose parameter added to all functions, -v now works.
	- release and kernel checking changed to be more generic.
- 0.1.6 - 04/03/2002 -
	- Added checkdotfiles module which checks for .exrc and .forward files.
	- Added checkwrite module which checks for world writable files/dirs.
	- Added INSTALL file.
- 0.1.5 - 04/03/2002 -
	- Did not change version number, but did the following:
	- tarball/zipfile now untars/zips into lsat- directory.
	- Added README file to the package.
	- Added this changelog to the package.
	- Added md5 checksums for the tar/zipfile. They are on the homepage.
- 0.1.5 - 04/02/2002 -
	- Fixed checkinetd.c, added checks for hosts.allow and deny files.
	- lsatmain.c now reports finishing.
	- Added checkset module to check setuid/setgid files.
	- Added more documentation throughout.
- 0.1.1 - 04/01/2002 -
	- Fixed typo in checkinetd.c (zinet.d -> xinetd.d).
	- Thanks: Eerik Kiskonen 
- 0.1   - 04/01/2002 -
	- Initial release