From 546a36e9c4f4aa5c59d4a6202cb38a5fa6f2f8a6 Mon Sep 17 00:00:00 2001 From: Robert Date: Mon, 19 May 2025 23:04:36 -0400 Subject: [PATCH] Example /home/example1User...example2User/Downloads. --- README.md | 15 ++++++++++----- config.json.example | 2 +- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 6c53109..0f56182 100644 --- a/README.md +++ b/README.md @@ -29,13 +29,18 @@ sudo execguard --newKey ``` ## /etc/execgaurd/config.json -scan_interval is the number of minutes to delay before scanning the protected_dirs for executables that are not allowed to run, it will chmod -x those programs. If 0, disables the scan for executables to remove the executution (x) bit. DO NOT ADD system bin paths to the Protected Dirs!!! As your system will fail to Boot!! skip_dirs are directories to skip inside of the protected_dirs. alert_email is where to send alerts besides the /var/log/execgaurd.log file. If the alert_email is an empty string, that will not send any emails... hash_encryption takes one of the following: none, xor, or xxtea. Passphrase is used on xor or xxtea to provide security against people injecting hashes into the database to make a bad program run. hash_type is either sha256, or sha512. Sha512 is better for security and sha256 is better on perforance, maybe... -``` -{ +scan_interval is the number of minutes to delay before scanning the protected_dirs for executables that are not allowed to run, it will chmod -x those programs. If 0, disables the scan for executables to remove the executution (x) bit. DO NOT ADD system bin paths to the Protected Dirs!!! As your system will fail to Boot!! skip_dirs are directories to skip inside of the protected_dirs. alert_email is where to send alerts besides the /var/log/execgaurd.log file. If the alert_email is an empty string, that will not send any emails... hash_encryption takes one of the following: none, xor, or xxtea. Passphrase is used on xor or xxtea to provide security against people injecting hashes into the database to make a bad program run. hash_type is either sha256, or sha512. Sha512 is better for security and sha256 is better on perforance, maybe...Be sure to UPDATE your downloads folders, to YOURS!!! +``` +{ + "db_file": "/etc/execguard/system.db", + "log_file": "/var/log/execguard.log", + "mail_prog": "/usr/bin/mail", + "scanner_prog": "/usr/bin/clamscan", + "downloads": ["/home/exampleUser1/Downloads", "/home/exampleUser2/Downloads"], "scan_interval": 0, "protected_dirs": ["/home"], "skip_dirs": [".cache",".git"], - "alert_email": "root@loalhost", + "alert_email": "" "passphrase": "cdzTE1Gk6/VuDlnU", "hash_encryption": "xxtea", "hash_type": "sha512" @@ -47,7 +52,7 @@ Be sure to update your config.json file to have a passphrase that was generated cd execgaurd sudo mkdir -p /etc/execguard/ go build -o execguard -./execguard --newKey +sudo ./execguard --newKey ## Copy the passphrase key into your clipboard. sudo cp config.json.example /etc/execguard/config.json sudo nano /etc/execguard/config.json diff --git a/config.json.example b/config.json.example index aabb8f9..4f8cad0 100644 --- a/config.json.example +++ b/config.json.example @@ -3,7 +3,7 @@ "log_file": "/var/log/execguard.log", "mail_prog": "/usr/bin/mail", "scanner_prog": "/usr/bin/clamscan", - "downloads": ["/home/bobs/Downloads"], + "downloads": ["/home/exampleUser1/Downloads", "/home/exampleUser2/Downloads"], "scan_interval": 0, "protected_dirs": ["/home"], "skip_dirs": [".cache",".git"],