# $NetBSD: special,v 1.82.2.5 2005/09/02 12:29:37 tron Exp $
# @(#)special 8.2 (Berkeley) 1/23/94
#
# Hand-crafted mtree specification for the dangerous files.
#
# /etc/security checks:
# - All of these are checked if $check_mtree is enabled.
# - Files with "nodiff" tags are highlighted if they change.
# - Files without "nodiff" or "exclude" tags are displayed
# with diff(1)s if $check_changelist is enabled.
#
# Reading this file:
# - "/set" supplies the default owner and group for every entry after it;
#   an entry's own uname= or gname= overrides that default.
# - "optional" entries may be absent without being reported.
# - "ignore" stops the comparison at that directory: the directory's own
#   type, mode and ownership are checked, the hierarchy below it is not.
# - An untagged file has its contents shown with diff(1) when it changes
#   (see the rules above), so a file that holds secrets needs "nodiff".

# Default ownership for everything below: root:wheel.
/set uname=root gname=wheel

. type=dir mode=0755

# Memory and drum devices: mode 0640 with group kmem, so only root
# (read/write) and members of kmem (read) can open them.
./dev type=dir mode=0755
./dev/drum type=char mode=0640 gname=kmem
./dev/fd type=dir mode=0755 ignore
./dev/kmem type=char mode=0640 gname=kmem
./dev/mem type=char mode=0640 gname=kmem

./etc type=dir mode=0755
./etc/Distfile type=file mode=0644 optional
./etc/amd type=dir mode=0755 optional
./etc/apm type=dir mode=0755 optional
./etc/bootparams type=file mode=0644 optional
./etc/bootptab type=file mode=0644 optional
./etc/ccd.conf type=file mode=0644 optional
# NOTE(review): cgd.conf is root-only (0600 inside a 0700 directory) but
# has no "nodiff" tag, so a change is reported as a diff - confirm that
# its contents are acceptable in the security report.
./etc/cgd type=dir mode=0700 optional
./etc/cgd/cgd.conf type=file mode=0600 optional
./etc/changelist type=file mode=0644
./etc/crontab type=file mode=0644 optional
./etc/csh.cshrc type=file mode=0644
./etc/csh.login type=file mode=0644
./etc/csh.logout type=file mode=0644
./etc/daily type=file mode=0644
./etc/daily.conf type=file mode=0644
./etc/daily.local type=file mode=0644 optional
./etc/defaultdomain type=file mode=0644 optional
# Files under defaults/ are expected read-only for everyone (0444).
./etc/defaults type=dir mode=0755
./etc/defaults/daily.conf type=file mode=0444
./etc/defaults/monthly.conf type=file mode=0444
./etc/defaults/rc.conf type=file mode=0444
./etc/defaults/security.conf type=file mode=0444
./etc/defaults/weekly.conf type=file mode=0444
./etc/dhclient-enter-hooks type=file mode=0644 optional
./etc/dhclient-exit-hooks type=file mode=0644 optional
./etc/dhclient.conf type=file mode=0644 optional
./etc/dhcpd.conf type=file mode=0644 optional
./etc/disktab type=file mode=0644
./etc/dm.conf type=file mode=0644
# Group-writable by operator (0664) and tagged "exclude".
./etc/dumpdates type=file mode=0664 gname=operator optional tags=exclude
./etc/ethers type=file mode=0644 optional
./etc/exports type=file mode=0644 optional
./etc/floppytab type=file mode=0644
./etc/fstab type=file mode=0644
./etc/ftpchroot type=file mode=0644
./etc/ftpd.conf type=file mode=0644 optional
./etc/ftpusers type=file mode=0644
./etc/ftpwelcome type=file mode=0644 optional
./etc/gateways type=file mode=0644 optional
./etc/gettytab type=file mode=0644
./etc/group type=file mode=0644
./etc/hesiod.conf type=file mode=0644 optional
./etc/hosts type=file mode=0644
./etc/hosts.allow type=file mode=0644 optional
./etc/hosts.deny type=file mode=0644 optional
./etc/hosts.equiv type=file mode=0600 optional
./etc/hosts.lpd type=file mode=0644 optional
./etc/ifaliases type=file mode=0644 optional
./etc/inetd.conf type=file mode=0644
./etc/ipf.conf type=file mode=0644 optional
./etc/ipf6.conf type=file mode=0644 optional
./etc/ipnat.conf type=file mode=0644 optional
# Root-only and "nodiff": a change is highlighted, the contents are not
# printed in the report.
./etc/ipsec.conf type=file mode=0600 optional tags=nodiff
./etc/kerberosIV type=dir mode=0755 ignore optional
./etc/ld.so.conf type=file mode=0644 optional
./etc/lkm.conf type=file mode=0644 optional
./etc/localtime type=link mode=0755
./etc/locate.conf type=file mode=0644 optional
./etc/login.conf type=file mode=0644 optional
./etc/mail type=dir mode=0755
./etc/mail/aliases type=file mode=0644
./etc/mail/aliases.db type=file mode=0644 optional tags=exclude
./etc/mail/helpfile type=file mode=0444
./etc/mail/local-host-names type=file mode=0644 optional
./etc/mail/sendmail.cf type=file mode=0644
./etc/mail.rc type=file mode=0644
./etc/mailer.conf type=file mode=0644
./etc/man.conf type=file mode=0644
# Root-only and "nodiff": the file must exist (not optional) and its
# contents stay out of the diff output.
./etc/master.passwd type=file mode=0600 tags=nodiff
./etc/mk.conf type=file mode=0644 optional
./etc/moduli type=file mode=0444
./etc/monthly type=file mode=0644
./etc/monthly.conf type=file mode=0644
./etc/monthly.local type=file mode=0644 optional
./etc/mrouted.conf type=file mode=0644
# The specification checks itself: special must be read-only (0444),
# while the site-local additions file is writable by root.
./etc/mtree type=dir mode=0755
./etc/mtree/special type=file mode=0444
./etc/mtree/special.local type=file mode=0644 optional
./etc/mygate type=file mode=0644 optional
./etc/myname type=file mode=0644 optional
./etc/named.conf type=file mode=0644 optional
./etc/namedb type=dir mode=0755
./etc/netconfig type=file mode=0644
./etc/netgroup type=file mode=0644 optional
./etc/netgroup.db type=file mode=0644 optional tags=exclude
./etc/netstart.local type=file mode=0644 optional
./etc/networks type=file mode=0644
./etc/newsyslog.conf type=file mode=0644
./etc/nsswitch.conf type=file mode=0644
./etc/ntp.conf type=file mode=0644 optional
./etc/passwd type=file mode=0644
./etc/passwd.conf type=file mode=0644 optional
./etc/phones type=file mode=0644
./etc/postfix type=dir mode=0755 optional
./etc/postfix/main.cf type=file mode=0644 optional
./etc/postfix/master.cf type=file mode=0644 optional
./etc/postfix/postfix-script type=file mode=0555 optional
./etc/powerd type=dir mode=0755 optional
./etc/powerd/scripts type=dir mode=0755 optional
./etc/powerd/scripts/power_button type=file mode=0555 optional
./etc/powerd/scripts/reset_button type=file mode=0555 optional
./etc/ppp type=dir mode=0755 optional
./etc/ppp/options type=file mode=0644 optional
./etc/printcap type=file mode=0644
./etc/profile type=file mode=0644
./etc/protocols type=file mode=0644
./etc/rbootd.conf type=file mode=0644 optional
./etc/rc type=file mode=0644
./etc/rc.conf type=file mode=0644
# Every rc.d script listed here is required (none is "optional") and
# must be mode 0555: readable and executable, with no write bit set.
./etc/rc.d type=dir mode=0755
./etc/rc.d/DAEMON type=file mode=0555
./etc/rc.d/LOGIN type=file mode=0555
./etc/rc.d/NETWORKING type=file mode=0555
./etc/rc.d/SERVERS type=file mode=0555
./etc/rc.d/accounting type=file mode=0555
./etc/rc.d/altqd type=file mode=0555
./etc/rc.d/amd type=file mode=0555
./etc/rc.d/apmd type=file mode=0555
./etc/rc.d/bootconf.sh type=file mode=0555
./etc/rc.d/bootparams type=file mode=0555
./etc/rc.d/ccd type=file mode=0555
./etc/rc.d/cleartmp type=file mode=0555
./etc/rc.d/cron type=file mode=0555
./etc/rc.d/dhclient type=file mode=0555
./etc/rc.d/dhcpd type=file mode=0555
./etc/rc.d/dhcrelay type=file mode=0555
./etc/rc.d/dmesg type=file mode=0555
./etc/rc.d/downinterfaces type=file mode=0555
./etc/rc.d/fixsb type=file mode=0555
./etc/rc.d/fsck type=file mode=0555
./etc/rc.d/identd type=file mode=0555
./etc/rc.d/inetd type=file mode=0555
./etc/rc.d/ipfilter type=file mode=0555
./etc/rc.d/ipmon type=file mode=0555
./etc/rc.d/ipnat type=file mode=0555
./etc/rc.d/ipsec type=file mode=0555
./etc/rc.d/isdnd type=file mode=0555
./etc/rc.d/kdc type=file mode=0555
./etc/rc.d/ldconfig type=file mode=0555
./etc/rc.d/lkm1 type=file mode=0555
./etc/rc.d/lkm2 type=file mode=0555
./etc/rc.d/lkm3 type=file mode=0555
./etc/rc.d/local type=file mode=0555
./etc/rc.d/lpd type=file mode=0555
./etc/rc.d/mixerctl type=file mode=0555
./etc/rc.d/mopd type=file mode=0555
./etc/rc.d/motd type=file mode=0555
./etc/rc.d/mountall type=file mode=0555
./etc/rc.d/mountcritlocal type=file mode=0555
./etc/rc.d/mountcritremote type=file mode=0555
./etc/rc.d/mountd type=file mode=0555
./etc/rc.d/mrouted type=file mode=0555
./etc/rc.d/named type=file mode=0555
./etc/rc.d/ndbootd type=file mode=0555
./etc/rc.d/network type=file mode=0555
./etc/rc.d/newsyslog type=file mode=0555
./etc/rc.d/nfsd type=file mode=0555
./etc/rc.d/nfslocking type=file mode=0555
./etc/rc.d/ntpd type=file mode=0555
./etc/rc.d/ntpdate type=file mode=0555
./etc/rc.d/pf type=file mode=0555
./etc/rc.d/pf_boot type=file mode=0555
./etc/rc.d/pflogd type=file mode=0555
./etc/rc.d/poffd type=file mode=0555
./etc/rc.d/postfix type=file mode=0555
./etc/rc.d/powerd type=file mode=0555
./etc/rc.d/ppp type=file mode=0555
./etc/rc.d/pwcheck type=file mode=0555
./etc/rc.d/quota type=file mode=0555
./etc/rc.d/racoon type=file mode=0555
./etc/rc.d/raidframe type=file mode=0555
./etc/rc.d/raidframeparity type=file mode=0555
./etc/rc.d/rarpd type=file mode=0555
./etc/rc.d/rbootd type=file mode=0555
./etc/rc.d/root type=file mode=0555
./etc/rc.d/route6d type=file mode=0555
./etc/rc.d/routed type=file mode=0555
./etc/rc.d/rpcbind type=file mode=0555
./etc/rc.d/rtadvd type=file mode=0555
./etc/rc.d/rtsold type=file mode=0555
./etc/rc.d/rwho type=file mode=0555
./etc/rc.d/savecore type=file mode=0555
./etc/rc.d/screenblank type=file mode=0555
./etc/rc.d/securelevel type=file mode=0555
./etc/rc.d/sendmail type=file mode=0555
./etc/rc.d/sshd type=file mode=0555
./etc/rc.d/swap1 type=file mode=0555
./etc/rc.d/swap2 type=file mode=0555
./etc/rc.d/sysctl type=file mode=0555
./etc/rc.d/sysdb type=file mode=0555
./etc/rc.d/syslogd type=file mode=0555
./etc/rc.d/timed type=file mode=0555
./etc/rc.d/ttys type=file mode=0555
./etc/rc.d/veriexec type=file mode=0555
./etc/rc.d/virecover type=file mode=0555
./etc/rc.d/wdogctl type=file mode=0555
./etc/rc.d/wscons type=file mode=0555
./etc/rc.d/wsmoused type=file mode=0555
./etc/rc.d/xdm type=file mode=0555
./etc/rc.d/xfs type=file mode=0555
./etc/rc.d/ypbind type=file mode=0555
./etc/rc.d/yppasswdd type=file mode=0555
./etc/rc.d/ypserv type=file mode=0555
./etc/rc.lkm type=file mode=0644
./etc/rc.local type=file mode=0644 optional
./etc/rc.shutdown type=file mode=0644
./etc/rc.shutdown.local type=file mode=0644 optional
./etc/rc.subr type=file mode=0644
./etc/remote type=file mode=0644
./etc/resolv.conf type=file mode=0644 optional
./etc/rpc type=file mode=0644
./etc/rtadvd.conf type=file mode=0644 optional
# The security script and its configuration are themselves checked.
./etc/security type=file mode=0644
./etc/security.conf type=file mode=0644
./etc/security.local type=file mode=0644 optional
./etc/services type=file mode=0644
./etc/shells type=file mode=0644
./etc/shosts.equiv type=file mode=0600 optional
# Root-only and "exclude": mode and ownership are checked, and the file
# is not displayed with diff(1).
./etc/spwd.db type=file mode=0600 tags=exclude
# Host private keys are root-only (0600) and "nodiff"; the matching .pub
# files are world-readable and may be shown with diff(1).
./etc/ssh type=dir mode=0755 optional
./etc/ssh/ssh_config type=file mode=0644 optional
./etc/ssh/ssh_host_dsa_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_dsa_key.pub type=file mode=0644 optional
./etc/ssh/ssh_host_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_key.pub type=file mode=0644 optional
./etc/ssh/ssh_host_rsa_key type=file mode=0600 optional tags=nodiff
./etc/ssh/ssh_host_rsa_key.pub type=file mode=0644 optional
./etc/ssh/ssh_known_hosts type=file mode=0644 optional
./etc/ssh/ssh_known_hosts2 type=file mode=0644 optional
./etc/ssh/sshd_config type=file mode=0644 optional
./etc/sysctl.conf type=file mode=0644
./etc/syslog.conf type=file mode=0644
./etc/ttyaction type=file mode=0644 optional
./etc/ttys type=file mode=0644
./etc/usermgmt.conf type=file mode=0644 optional
./etc/weekly type=file mode=0644
./etc/weekly.conf type=file mode=0644
./etc/weekly.local type=file mode=0644 optional
./etc/wscons.conf type=file mode=0644

# psk.txt is root-only and "nodiff"; racoon.conf is world-readable and
# untagged, so its changes are shown as diffs.
./etc/racoon type=dir mode=0755 optional
./etc/racoon/racoon.conf type=file mode=0644 optional
./etc/racoon/psk.txt type=file mode=0600 optional tags=nodiff

# root's login files. The remote-access files (.klogin, .rhosts, .shosts,
# authorized_keys*) must be 0600 when present; they carry no "nodiff"
# tag, so a change to them appears as a diff in the report. The private
# keys (id_dsa, id_rsa, identity) are 0600 and "nodiff".
./root type=dir mode=0755
./root/.cshrc type=file mode=0644
./root/.klogin type=file mode=0600 optional
./root/.login type=file mode=0644
./root/.profile type=file mode=0644
./root/.rhosts type=file mode=0600 optional
./root/.shosts type=file mode=0600 optional
./root/.ssh type=dir mode=0700 optional
./root/.ssh/authorized_keys type=file mode=0600 optional
./root/.ssh/authorized_keys2 type=file mode=0600 optional
./root/.ssh/config type=file mode=0644 optional
./root/.ssh/id_dsa type=file mode=0600 optional tags=nodiff
./root/.ssh/id_dsa.pub type=file mode=0644 optional
./root/.ssh/id_rsa type=file mode=0600 optional tags=nodiff
./root/.ssh/id_rsa.pub type=file mode=0644 optional
./root/.ssh/identity type=file mode=0600 optional tags=nodiff
./root/.ssh/identity.pub type=file mode=0644 optional
./root/.ssh/known_hosts type=file mode=0644 optional
./root/.ssh/known_hosts2 type=file mode=0644 optional

# "ignore": only the directory itself is checked here; the programs and
# libraries inside ./sbin and the ./usr directories below are not
# covered by this specification.
./sbin type=dir mode=0755 ignore

./usr type=dir mode=0755
./usr/bin type=dir mode=0755 ignore
./usr/games type=dir mode=0755 optional
./usr/games/hide type=dir mode=0750 gname=games ignore optional
./usr/include type=dir mode=0755 ignore
./usr/lib type=dir mode=0755 ignore
./usr/libdata type=dir mode=0755 ignore
./usr/libexec type=dir mode=0755 ignore
./usr/pkg type=dir mode=0755 ignore optional
./usr/sbin type=dir mode=0755 ignore
./usr/share type=dir mode=0755 ignore

./var type=dir mode=0755
./var/account type=dir mode=0755
./var/account/acct type=file mode=0644 optional tags=exclude
./var/at type=dir mode=0755 ignore
./var/backups type=dir mode=0755 ignore
# Chroot trees: every directory is root-owned and 0755 except the few
# that are group-writable (0775 or 01775) for the group named on the
# entry; the cache directory is also owned by user named.
./var/chroot type=dir mode=0755
./var/chroot/named type=dir mode=0755
./var/chroot/named/dev type=dir mode=0755
./var/chroot/named/etc type=dir mode=0755
./var/chroot/named/etc/namedb type=dir mode=0755
./var/chroot/named/etc/namedb/cache type=dir mode=0775 uname=named gname=named
./var/chroot/named/usr type=dir mode=0755
./var/chroot/named/usr/libexec type=dir mode=0755
./var/chroot/named/var type=dir mode=0755
./var/chroot/named/var/run type=dir mode=0775 gname=named
./var/chroot/named/var/tmp type=dir mode=01775 gname=named
./var/chroot/ntpd type=dir mode=0755
./var/chroot/ntpd/dev type=dir mode=0755
./var/chroot/ntpd/var type=dir mode=0755
./var/chroot/ntpd/var/db type=dir mode=0775 gname=ntpd
./var/chroot/ntpd/var/run type=dir mode=0775 gname=ntpd
./var/chroot/pflogd type=dir mode=0755
./var/chroot/sshd type=dir mode=0755
# root's crontab is required, 0600, inside a 0700 directory. It is
# untagged, so a change to it is shown as a diff.
./var/cron type=dir mode=0755
./var/cron/tabs type=dir mode=0700
./var/cron/tabs/root type=file mode=0600
./var/db type=dir mode=0755
# Log and accounting files are tagged "exclude": they are checked for
# type, mode and ownership but not displayed with diff(1).
./var/log type=dir mode=0755
./var/log/authlog type=file mode=0600 optional tags=exclude
./var/log/lastlog type=file mode=0644 tags=exclude
./var/log/lastlogx type=file mode=0644 tags=exclude
./var/log/wtmp type=file mode=0644 tags=exclude
./var/log/wtmpx type=file mode=0644 tags=exclude
# World-writable with the sticky bit (1777); contents are not checked.
./var/mail type=dir mode=1777 ignore
./var/preserve type=dir mode=0755 ignore
./var/run type=dir mode=0755
./var/run/utmp type=file mode=0664 gname=utmp tags=exclude
./var/run/utmpx type=file mode=0664 gname=utmp tags=exclude
./var/spool type=dir mode=0755
./var/spool/clientmqueue type=dir mode=0770 uname=smmsp gname=smmsp
# The ftp tree is optional. What it does contain must be root-owned and,
# apart from pub/ (0775), not writable by group or others.
./var/spool/ftp type=dir mode=0755 optional
./var/spool/ftp/bin type=dir mode=0755 optional
./var/spool/ftp/bin/ls type=file mode=0555 optional
./var/spool/ftp/etc type=dir mode=0755 optional
./var/spool/ftp/etc/group type=file mode=0644 optional
./var/spool/ftp/etc/localtime type=file mode=0644 optional
# NOTE(review): unlike ./etc/master.passwd, this copy has no "nodiff" or
# "exclude" tag, so by the rules in the header its changes are displayed
# with diff(1) when $check_changelist is enabled. If the file can hold
# password hashes, "tags=nodiff" would keep them out of the report -
# confirm against how the ftp tree is populated.
./var/spool/ftp/etc/master.passwd type=file mode=0600 optional
./var/spool/ftp/etc/passwd type=file mode=0644 optional
./var/spool/ftp/hidden type=dir mode=0111 ignore optional
./var/spool/ftp/pub type=dir mode=0775 ignore optional
./var/spool/mqueue type=dir mode=0755 ignore
./var/spool/output type=dir mode=0755 ignore
./var/spool/uucp type=dir mode=0755 uname=uucp gname=daemon ignore optional
./var/spool/uucppublic type=dir mode=1777 uname=uucp gname=daemon ignore optional
./var/yp type=dir mode=0755
./var/yp/Makefile type=file mode=0644 optional