1TIGEXP(8)                   Administrator Commands                   TIGEXP(8)
2
3
4

NAME

6       tigexp - UNIX Security Checker Explanation Generator
7

SYNOPSIS

9       tigexp msgid [msgid[msgid...]]
10
11       tigexp [-f|-F] [security_report]
12

DESCRIPTION

14       Tigexp  is  used  to generate explanations of the output from the Tiger
15       security checking package.  In the first form, tigexp will generate  an
16       explanation of each of the message ids listed.  In the second form, the
17       security report specified will be scanned and  explanations  generated.
18       The  -f option will generate one explanation for each unique message id
19       in the security report, whereas the -F option will output the  security
20       report with explanations inserted after each entry in the report.
21
22       There  are five different message levels produced by Tiger. Each of the
23       message levels is the last letter of the message id. The levels are:
24
25       ALERT  A message of this level indicates that Tiger has detected a pos‐
26              sible  intrusion  attempt  or troublesome misconfiguration which
27              can expose the whole system to attacks.
28
29       FAIL   Messages of this level indicate a violation of a  generic  secu‐
30              rity  policy  or a possible intrusion. Appropriate action should
31              be taken to fix this security issue.
32
33       WARN   Messages of this level indicate a security issue which should be
34              checked  further  and might indicate a probable vulnerability or
35              exposure. Most Tiger messages appear in this category.
36
37       INFO   These includes information messages which are not necessarily  a
38              security  violation  but  might be useful for the administrator.
39              Note  that  the   tigerrc   configuration   file   through   the
40              Tiger_Show_INFO_Msgs  option  determines  whether  or  not Tiger
41              shows these items. The default behaviour is to not show them.
42
43       ERROR  These messages are errors in the execution of Tiger (or  any  of
44              its  scripts), this is probably due to a misconfiguration in the
45              program, because of a problem in the installation or  because  a
46              file needed for the test is missing. The script who outputs this
47              error should be investigated further.
48
49       CONFIG Messages with this level inform of stages in  the  configuration
50              process  of Tiger. They are not errors (otherwise ERROR would be
51              used) but notices for the user running the  program  explaining,
52              for example, which configuration might be used.
53
54   OPTIONS
55       -f     Scan  the indicated security report and generate explanations of
56              it.  One explanation will be generated for each  unique  message
57              id  in the security report.  If the name of a security report is
58              not given, then the report is read from stdin.
59
60       -F     Output the indicated security report with explanations  inserted
61              after  each  entry  in  the  report.   If the name of a security
62              report is not given, then the report is read from stdin.
63

FILES

65       $TIGERHOMEDIR/doc/explain.idx
66

SEE ALSO

68       tiger(8)
69

BUGS

71       If the explanation index is out of date, it doesn't  recognize  it  and
72       generates junk.
73
74
75
76Security                        12 August 2003                       TIGEXP(8)