HardenedBSD/etc/security
rgrimes 941cae5887 From: rich@lamprey.UTMB.EDU (Rich Murphey)
Subject: Re: daily insecurity output (fwd)
|From: rgrimes@agora.rain.com (Rodney Grimes)
|
|This is from the new /etc/security script.  I no longer get the segmentation
|violation, but now the arg list is too long, some /bin/sh program want to
|fix the current /etc/security ls command so that it is a pipe insteal of
|a back quoted arg?
|
|> checking setuid files and devices:
|> /etc/security: ls: argument list too long

This uses xargs instead.  My slip line's down so I can't check it in
at the moment. Rich
1994-01-22 10:54:13 +00:00

42 lines
982 B
Bash

#!/bin/sh -
#
# @(#)security 5.3 (Berkeley) 5/28/91
# $Id: security,v 1.5 1993/12/15 06:42:01 rich Exp $
#
PATH=/sbin:/bin:/usr/bin
host=`hostname -s`
echo "Subject: $host security check output"
LOG=/var/log
TMP=/tmp/_secure.$$
umask 027
echo "checking setuid files and devices:"
# don't have ncheck, but this does the equivalent of the commented out block.
# note that one of the original problem, the possibility of overrunning
# the args to ls, is still here...
#
MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $3 }'`
set $MP
while test $# -ge 1; do
mount=$1
shift
find $mount -xdev -perm -u+s -or -perm -g+s | sort
done | xargs -n 20 ls -lgTd > $TMP
if cmp $LOG/setuid.today $TMP >/dev/null; then :; else
echo "$host setuid/device diffs:"
diff $LOG/setuid.today $TMP
mv $LOG/setuid.today $LOG/setuid.yesterday
mv $TMP $LOG/setuid.today
fi
rm -f $TMP
echo ""
echo ""
echo "checking for uids of 0:"
awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd