# @(#)security 5.3 (Berkeley) 5/28/91
echo "Subject: $host security check output"
echo "checking setuid files and devices:"
# don't have ncheck, but this does the equivalent of the commented out block.
# note that one of the original problem, the possibility of overrunning
# the args to ls, is still here...
# add this after -a when find supports isofs, and you don't want to check
# \( ! \( -fstype isofs \) -o -prune \) \
# do skip checking cdroms
find / -fstype local -a \
\
( -perm -u+s
-or -perm -g+s \
) | \
sed -e "/\/dev\//d" -e "s;//;/;g" |
sort |
xargs -n 20 ls -lgT > $TMP
#MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'`
#ls -lgT `while test $# -ge 2; do
# ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \
# -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort
if cmp $LOG/setuid.today
$TMP >/dev
/null
; then :; else
echo "$host setuid/device diffs:"
diff $LOG/setuid.today
$TMP
mv $LOG/setuid.today
$LOG/setuid.yesterday
mv $TMP $LOG/setuid.today
echo "checking for uids of 0:"
awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc
/master.passwd