![[BACK]](/icons/back.gif){kind=icon}
Return to security CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / etc|
Return to security CVS log | Up to [cvs.NetBSD.org] / src / etc |
| File: [cvs.NetBSD.org] / src / etc / security (download)
Revision 1.6, Wed Oct 27 16:59:13 1993 UTC (30 years, 5 months ago) by cgd
use of xargs wasn't strictly a security hole, but could lead to fouled- up results. xargs should really have an option to automatically 'quote' input. |
#!/bin/sh -
#
# @(#)security 5.3 (Berkeley) 5/28/91
#
PATH=/sbin:/bin:/usr/bin
host=`hostname -s`
echo "Subject: $host security check output"
LOG=/var/log
TMP=/tmp/_secure.$$
umask 027
echo "checking setuid files and devices:"
# don't have ncheck, but this does the equivalent of the commented out block.
MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $3 }'`
set $MP
ls -lgT `while test $# -ge 1; do
mount=$1
shift
find $mount -xdev \( -perm -u+s -or -perm -g+s \) | sort
done` > $TMP
#MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'`
#set $MP
#ls -lgT `while test $# -ge 2; do
# device=$1
# shift
# mount=$1
# shift
# ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \
# -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort
#done` > $TMP
if cmp $LOG/setuid.today $TMP >/dev/null; then :; else
echo "$host setuid/device diffs:"
diff $LOG/setuid.today $TMP
mv $LOG/setuid.today $LOG/setuid.yesterday
mv $TMP $LOG/setuid.today
fi
rm -f $TMP
echo ""
echo ""
echo "checking for uids of 0:"
awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd