authorFrederic Lepied <flepied@mandriva.com>2005-08-12 08:07:52 +0000
committerFrederic Lepied <flepied@mandriva.com>2005-08-12 08:07:52 +0000
commitb536f754a0fd070e3ed501840456e3ae6492c6bf (patch)
tree059a900e34bf7ce7c3a697863085b5057ae0c565
parent399e4cc32a7de40cc7a71aed35085b95e2b7b373 (diff)
fix user or homedir with spaces in them (bug #16237).
-rwxr-xr-xcron-sh/security_check.sh37
1 files changed, 19 insertions, 18 deletions
diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh
index 2960e23..dbcc0b2 100755
--- a/cron-sh/security_check.sh
+++ b/cron-sh/security_check.sh
@@ -62,8 +62,8 @@ if [[ ${CHECK_PERMS} == yes ]]; then
# Files that should not be owned by someone else or readable.
list=".netrc .rhosts .shosts .Xauthority .gnupg/secring.gpg \
.pgp/secring.pgp .ssh/identity .ssh/id_dsa .ssh/id_rsa .ssh/random_seed"
-getent passwd | awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' |
-while read username uid homedir; do
+getent passwd | awk -F: '/^[^+-]/ { print $1 ":" $3 ":" $6 }' |
+while IFS=: read username uid homedir; do
if ! expr "$homedir" : "$FILTER" > /dev/null; then
for f in ${list} ; do
file="${homedir}/${f}"
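Review bot: The new `while IFS=: read username uid homedir; do` still calls read without -r, so a backslash in a passwd home-directory field is consumed as an escape and the path tested below is not the one in the database; the same applies to the identical loops in the two later hunks. Switching the separator to `:` fixes the space case the commit targets, but backslash handling is a separate read behaviour that IFS does not change. Suggested line: `while IFS=: read -r username uid homedir; do`. The loop body continues past the end of this hunk.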
@@ -94,17 +94,18 @@ list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \
.forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \
.nexrc .screenrc .ssh .ssh/config .ssh/authorized_keys .ssh/environment \
.ssh/known_hosts .ssh/rc .twmrc .xsession .xinitrc .Xdefaults"
-getent passwd | awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' | \
-while read username uid homedir; do
+getent passwd | awk -F: '/^[^+-]/ { print $1 ":" $3 ":" $6 }' | \
+while IFS=: read username uid homedir; do
if ! expr "$homedir" : "$FILTER" > /dev/null; then
- for f in ${list} ; do
- file=${homedir}/${f}
- if [[ -f ${file} ]] ; then
- printf "${uid} ${username} ${file} `ls -LldcGn ${file}`\n"
- fi
+ for f in ${list} ; do
+ file="${homedir}/${f}"
+ if [[ -f "${file}" ]] ; then
+ res=`ls -LldcGn "${file}" | sed 's/ \{1,\}/:/g'`
+ printf "${uid}:${username}:${file}:${res}\n"
+ fi
done
fi
-done | awk '$1 != $6 && $6 != "0" \
+done | awk -F: '$1 != $6 && $6 != "0" \
{ print "\t\t- " $3 " : file is owned by uid " $6 "." }
$4 ~ /^.....w/ \
{ print "\t\t- " $3 " : file is group writable." }
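Review bot: The rewritten `printf "${uid}:${username}:${file}:${res}\n"` still expands data from the passwd database and from ls output into the printf format string, so a `%` or `\` sequence in a user name, home directory or file name is interpreted as a conversion or escape rather than printed, and the colon-separated record that the awk stage parses is then malformed; the later hunk's `printf "${permissions}:${username}:..."` has the same shape. Passing the values as arguments keeps the format fixed: `printf '%s:%s:%s:%s\n' "${uid}" "${username}" "${file}" "${res}"`. The awk program that consumes this output continues past the end of the hunk.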
@@ -117,17 +118,17 @@ if [[ -s ${TMP} ]]; then
fi
### Check home directories. Directories should not be owned by someone else or writable.
-getent passwd | awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' | \
-while read username uid homedir; do
+getent passwd | awk -F: '/^[^+-]/ { print $1 ":" $3 ":" $6 }' | \
+while IFS=: read username uid homedir; do
if ! expr "$homedir" : "$FILTER" > /dev/null; then
- if [[ -d ${homedir} ]] ; then
- realuid=`ls -LldGn ${homedir}| awk '{ print $3 }'`
- realuser=`ls -LldG ${homedir}| awk '{ print $3 }'`
- permissions=`ls -LldG ${homedir}| awk '{ print $1 }'`
- printf "${permissions} ${username} (${uid}) ${realuser} (${realuid})\n"
+ if [[ -d "${homedir}" ]] ; then
+ realuid=`ls -LldGn "${homedir}"| awk '{ print $3 }'`
+ realuser=`ls -LldG "${homedir}"| awk '{ print $3 }'`
+ permissions=`ls -LldG "${homedir}"| awk '{ print $1 }'`
+ printf "${permissions}:${username}:(${uid}):${realuser}:(${realuid})\n"
fi
fi
-done | awk '$3 != $5 && $5 != "(0)" \
+done | awk -F: '$3 != $5 && $5 != "(0)" \
{ print "user=" $2 $3 " : home directory is owned by " $4 $5 "." }
$1 ~ /^d....w/ && $2 != "lp" && $2 != "mail" \
{ print "user=" $2 $3" : home directory is group writable." }