Commit | Line | Data |
---|---|---|
525ea79f KB |
1 | #!/bin/sh - |
2 | # | |
383148a3 | 3 | # @(#)security 5.8 (Berkeley) %G% |
525ea79f KB |
4 | # |
5 | PATH=/sbin:/bin:/usr/bin | |
6 | ||
32e3fbdd | 7 | host=`hostname` |
525ea79f KB |
8 | echo "Subject: $host security check output" |
9 | ||
383148a3 KB |
10 | umask 22 |
11 | ||
525ea79f | 12 | LOG=/var/log |
383148a3 KB |
13 | TMP1=/tmp/_secure1.$$ |
14 | TMP2=/tmp/_secure2.$$ | |
525ea79f | 15 | |
32e3fbdd | 16 | echo "" |
773dea30 | 17 | echo "Checking setuid files and devices:" |
383148a3 KB |
18 | (find / \( ! -fstype local \) -a -prune -o \( -perm -u+s -o -perm -g+s \ |
19 | -o ! -type d -a ! -type f -a ! -type l \) | sort >$TMP1) 2>$TMP2 | |
20 | ||
21 | if [ -s $TMP2 ] ; then | |
22 | echo "$host setuid/device find errors:" | |
23 | cat $TMP2 | |
24 | echo ""; echo "" | |
25 | fi | |
26 | ||
27 | if cmp $LOG/setuid.today $TMP1 >/dev/null; then :; else | |
28 | echo "$host setuid/device additions:" | |
29 | ls -lgT `join -v1 $LOG/setuid.today $TMP1` | |
30 | echo ""; echo "" | |
31 | echo "$host setuid/device deletions:" | |
32 | ls -lgT `join -v2 $LOG/setuid.today $TMP1` | |
33 | ||
34 | mv $LOG/setuid.current $LOG/setuid.backup | |
35 | mv $TMP1 $LOG/setuid.current | |
525ea79f | 36 | fi |
383148a3 | 37 | rm -f $TMP1 $TMP2 |
525ea79f KB |
38 | |
39 | echo "" | |
40 | echo "" | |
773dea30 | 41 | echo "Checking for uids of 0:" |
525ea79f | 42 | awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd |