security revision 1.3
1#!/bin/sh - 2# 3# @(#)security 5.3 (Berkeley) 5/28/91 4# 5PATH=/sbin:/bin:/usr/bin 6 7host=`hostname -s` 8echo "Subject: $host security check output" 9 10LOG=/var/log 11TMP=/tmp/_secure.$$ 12 13umask 027 14 15echo "checking setuid files and devices:" 16 17# don't have ncheck, but this does the equivalent of the commented out block. 18# note that one of the original problem, the possibility of overrunning 19# the args to ls, is still here... 20 21ls -lgT `find / \( \( ! -fstype local -o -fstype fdesc -o -fstype kernfs \) \ 22 -a -prune \) \ 23 \( -perm -u+s -or -perm -g+s \) | \ 24 sed -e "/\/dev\//d" -e "s;//;/;g" | sort` > $TMP 25 26#MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'` 27#set $MP 28#ls -lgT `while test $# -ge 2; do 29# device=$1 30# shift 31# mount=$1 32# shift 33# ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \ 34# -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort 35#done` > $TMP 36 37if cmp $LOG/setuid.today $TMP >/dev/null; then :; else 38 echo "$host setuid/device diffs:" 39 diff $LOG/setuid.today $TMP 40 mv $LOG/setuid.today $LOG/setuid.yesterday 41 mv $TMP $LOG/setuid.today 42fi 43rm -f $TMP 44 45echo "" 46echo "" 47echo "checking for uids of 0:" 48awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd 49