+awk -F: "\$2 == \"\" \
+ { print \"user \" \$1 \" has no password\" }" /etc/master.passwd
+
+echo ""
+echo "Checking for turned-off accounts with valid shells:"
+awk -F: "length(\$2) != 13 && \$10 ~ /.*sh$/ \
+ { print \"user \" \$1 \" account turned off with valid shell.\" }" \
+ /etc/master.passwd
+
+# Check special users with .rhosts files.
+echo ""
+echo "Checking for special users with .rhosts files."
+awk -F: "\$3 < 100 || \$1 == \"ftp\" || \$1 == \"uucp\" \
+ { print \$1 \" \" \$6 }" /etc/passwd | \
+ while read uid homedir; do
+ if [ -f ${homedir}/.rhosts ] ; then
+ rhost=`ls -lT ${homedir}/.rhosts`
+ echo "$uid: $rhost"
+ fi
+ done
+
+# Check home directories.
+echo ""
+echo "Checking user's home directories."
+echo "Checking .netrc, .rhosts."
+# Files that should not be owned by someone else or readable.
+awk -F: "{ print \$1 \" \" \$6 }" /etc/passwd | \
+while read uid homedir; do
+ if [ -f ${homedir}/.netrc ] ; then
+ file=`ls -lT ${homedir}/.netrc`
+ echo "$uid .netrc $file"
+ fi
+ if [ -f ${homedir}/.rhosts ] ; then
+ file=`ls -lT ${homedir}/.rhosts`
+ echo "$uid .rhosts $file"
+ fi
+done | awk \
+ "\$1 != \$5 && \$5 != \"root\" \
+ { print \"user \" \$1 \"'s \" \$2 \" file is owned by \" \$5 } \
+ \$3 ~ /^-...r/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is group readable\" } \
+ \$3 ~ /^-......r/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is other readable\" } \
+ \$3 ~ /^-....w/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is group writeable\" } \
+ \$3 ~ /^-.......w/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is other writeable\" }"
+
+# Files that should not be owned by someone else or writeable.
+echo ""
+echo "Checking .cshrc, .klogin, .login, .profile."
+awk -F: "{ print \$1 \" \" \$6 }" /etc/passwd | \
+while read uid homedir; do
+ if [ -f ${homedir}/.cshrc ] ; then
+ file=`ls -lT ${homedir}/.cshrc`
+ echo "$uid .cshrc $file"
+ fi
+ if [ -f ${homedir}/.klogin ] ; then
+ file=`ls -lT ${homedir}/.klogin`
+ echo "$uid .klogin $file"
+ fi
+ if [ -f ${homedir}/.login ] ; then
+ file=`ls -lT ${homedir}/.login`
+ echo "$uid .login $file"
+ fi
+ if [ -f ${homedir}/.profile ] ; then
+ file=`ls -lT ${homedir}/.profile`
+ echo "$uid .profile $file"
+ fi
+done | awk \
+ "\$1 != \$5 && \$5 != \"root\" \
+ { print \"user \" \$1 \"'s \" \$2 \" file is owned by \" \$5 } \
+ \$3 ~ /^-....w/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is group writeable\" } \
+ \$3 ~ /^-.......w/ \
+ { print \"user \" \$1 \"'s \" \$2 \" file is other writeable\" }"
+
+# Check mailbox ownership and permissions.
+echo ""
+echo "Checking mailbox ownership."
+ls -l /var/mail | \
+awk "\$3 != \$9 \
+ { print \"user \" \$9 \"'s mailbox is owned by \" \$3 } \
+ \$2 ~ /^-...r/ \
+ { print \"user \" \$1 \"'s mailbox is group readable\" } \
+ \$2 ~ /^-......r/ \
+ { print \"user \" \$1 \"'s mailbox is other readable\" } \
+ \$2 ~ /^-....w/ \
+ { print \"user \" \$1 \"'s mailbox is group writeable\" } \
+ \$2 ~ /^-.......w/ \
+ { print \"user \" \$1 \"'s mailbox is other writeable\" }"
+
+# Check for special files.
+echo ""
+echo "Checking dangerous files and directories."
+mtree -e -p / -f /etc/mtree/flist.secure
+
+# Check for bad paths in root startup files.
+echo ""
+echo "Checking root paths (csh startup files)."
+rhome=/root
+for i in /etc/csh.cshrc /etc/csh.login ${rhome}/.cshrc ${rhome}/.login ; do
+ echo "$i:"
+ if [ -f $i ] ; then
+ if egrep -h -i 'path.*[^a-z]\.[^a-z]' $i > /dev/null ; then
+ echo "Root's path appears to include ."
+ fi
+ egrep -h -i path $i | \
+ awk "{ for (i = 1; i <= NF; ++i) print \$i }" | \
+ while read dir; do
+ if [ -d $dir ] ; then
+ echo `ls -ldgT $dir`
+ fi
+ done | \
+ awk "\$1 ~ /^d....w/ \
+ { print \"Root path directory \" \$10 \" is group writeable.\" } \
+ \$1 ~ /^d.......w/ \
+ { print \"Root path directory \" \$10 \" is other writeable.\" }"
+ fi
+done
+
+echo ""
+echo "Checking root paths (sh startup files)."
+for i in ${rhome}/.profile ${rhome}/.klogin ; do
+ echo "$i:"
+ if [ -f $i ] ; then
+ if egrep -h -i 'path.*:\.:' $i > /dev/null ; then
+ echo "Root's path appears to include ."
+ fi
+ egrep -h -i 'path.*:' $i | \
+ awk -F: "{ for (i = 1; i <= NF; ++i) print \$i }" | \
+ while read dir; do
+ if [ -d $dir ] ; then
+ echo `ls -ldgT $dir`
+ fi
+ done | \
+ awk "\$1 ~ /^d....w/ \
+ { print \"Root path directory \" \$10 \" is group writeable.\" } \
+ \$1 ~ /^d.......w/ \
+ { print \"Root path directory \" \$10 \" is other writeable.\" }"
+ fi
+done