>From: Drew Hess <dhess@CS.Stanford.EDU>

[unix-history] / etc / security

#!/bin/sh -
#
#       @(#)security    5.3 (Berkeley) 5/28/91
#       $Id$
#
PATH=/sbin:/bin:/usr/bin

host=`hostname -s`
echo "Subject: $host security check output"

LOG=/var/log
TMP=/tmp/_secure.$$

umask 027

echo "checking setuid files and devices:"

# don't have ncheck, but this does the equivalent of the commented out block.
# note that one of the original problem, the possibility of overrunning
# the args to ls, is still here...
#
# add this after -a when find supports isofs, and you don't want to check
# your cd roms
#    \( ! \( -fstype isofs \) -o -prune \) \
# do skip checking cdroms

find / -fstype local -a \
   \( -perm -u+s -or -perm -g+s \) | \
       sed -e "/\/dev\//d" -e "s;//;/;g" | sort | xargs -n 20 ls -lgT > $TMP


#MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'`
#set $MP
#ls -lgT `while test $# -ge 2; do
#       device=$1
#       shift
#       mount=$1
#       shift
#       ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \
#           -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort
#done` > $TMP

if cmp $LOG/setuid.today $TMP >/dev/null; then :; else
       echo "$host setuid/device diffs:"
       diff $LOG/setuid.today $TMP
       mv $LOG/setuid.today $LOG/setuid.yesterday
       mv $TMP $LOG/setuid.today
fi
rm -f $TMP

echo ""
echo ""
echo "checking for uids of 0:"
awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd