Install LES
Product Name: LES ( Linux Environment Security )
Product Version: 0.2 Rev.1
Homepage: http://www.rfxn.com/projects/linux-environment-security/
Description: Linux Environment Security is intended as a facility to quickly & easily secure RedHat/RPM based environments (i.e: turbo linux, open linux). It does such by enforcing root-only permissions on system binaries (binaries that have no place being
executed by normal users), enforcing root-only path traversal on system paths, enforcing immutable bit on essential rpm package contents (i.e: coreutils), and enforcing immutable bit on shell profile scripts.
*WARNING* May give you problems with control panels like: cpanel, directadmin, lxadmin. Some tuning may be needed to get it to work
Step 1: Downloading, Installing LES
cd /usr/local/src wget http://www.r-fx.ca/downloads/les-current.tar.gz tar -zxvf les-current.tar.gz cd les-0.* ./install.sh rm -Rf /usr/local/src/les*
Step 2: View your possible options
/usr/local/sbin/les
Step 3: If your unsure, run enable all options
/usr/local/sbin/les -ea
Options: -da | --disable-all Disable all options -ea | --enable-all Enable all options -sb | --secure-bin Set root only execution of critical binaries -sp | --secure-path Set root only traversal of critical paths -sr | --secure-rpmpkg Set immutable on core rpm package binaries -so | --secure-prof Set immutable on interactive login profiles -sd | --secure-devel Set access to devel utils for group deva & root
I Understand this program have conflict with Directadmin and Lxadmin for example the permision of var directory when we change it too 711 at lxadmin – we can not login too panel
Admin Edit: Added a warning in the top. Ill experiment with some panels later.