diff options
| author | Frederic Lepied <flepied@mandriva.com> | 2002-08-30 12:20:34 +0000 |
|---|---|---|
| committer | Frederic Lepied <flepied@mandriva.com> | 2002-08-30 12:20:34 +0000 |
| commit | e4887d67549570e45a384c1c6ea2968710b70527 (patch) | |
| tree | fe9489267347a5fcca54651ade298fb908af3072 /cron-sh | |
| parent | 89cbae7ddfea0a55656c639da86a7f931c7a6ff1 (diff) | |
| download | msec-e4887d67549570e45a384c1c6ea2968710b70527.tar msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.gz msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.bz2 msec-e4887d67549570e45a384c1c6ea2968710b70527.tar.xz msec-e4887d67549570e45a384c1c6ea2968710b70527.zip | |
writeable => writable
Diffstat (limited to 'cron-sh')
| -rwxr-xr-x | cron-sh/diff_check.sh | 48 | ||||
| -rwxr-xr-x | cron-sh/security.sh | 16 | ||||
| -rwxr-xr-x | cron-sh/security_check.sh | 30 |
3 files changed, 47 insertions, 47 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh index bccfc44..ac7c10c 100755 --- a/cron-sh/diff_check.sh +++ b/cron-sh/diff_check.sh @@ -28,10 +28,10 @@ if [[ ${CHECK_SUID_ROOT} == yes ]]; then if ! diff -u ${SUID_ROOT_YESTERDAY} ${SUID_ROOT_TODAY} > ${SUID_ROOT_DIFF}; then printf "\nSecurity Warning: Change in Suid Root files found :\n" >> ${TMP} grep '^+' ${SUID_ROOT_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly added suid root file : ${file}\n" + printf "\t\t- Newly added suid root file : ${file}\n" done >> ${TMP} grep '^-' ${SUID_ROOT_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present suid root file : ${file}\n" + printf "\t\t- No longer present suid root file : ${file}\n" done >> ${TMP} fi fi @@ -45,10 +45,10 @@ if [[ ${CHECK_SUID_GROUP} == yes ]]; then if ! diff -u ${SUID_GROUP_YESTERDAY} ${SUID_GROUP_TODAY} > ${SUID_GROUP_DIFF}; then printf "\nSecurity Warning: Changes in Sgid files found :\n" >> ${TMP} grep '^+' ${SUID_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly added sgid file : ${file}\n" + printf "\t\t- Newly added sgid file : ${file}\n" done >> ${TMP} grep '^-' ${SUID_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present sgid file : ${file}\n" + printf "\t\t- No longer present sgid file : ${file}\n" done >> ${TMP} fi fi @@ -56,17 +56,17 @@ if [[ ${CHECK_SUID_GROUP} == yes ]]; then fi ### Writable files detection -if [[ ${CHECK_WRITEABLE} == yes ]]; then +if [[ ${CHECK_WRITABLE} == yes ]]; then - if [[ -f ${WRITEABLE_YESTERDAY} ]]; then - diff -u ${WRITEABLE_YESTERDAY} ${WRITEABLE_TODAY} > ${WRITEABLE_DIFF} - if [ -s ${WRITEABLE_DIFF} ]; then - printf "\nSecurity Warning: Change in World Writeable Files found :\n" >> ${TMP} - grep '^+' ${WRITEABLE_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly added writables files : ${file}\n" + if [[ -f ${WRITABLE_YESTERDAY} ]]; then + diff -u ${WRITABLE_YESTERDAY} ${WRITABLE_TODAY} > ${WRITABLE_DIFF} + if [ -s ${WRITABLE_DIFF} ]; then + printf "\nSecurity Warning: Change in World Writable Files found :\n" >> ${TMP} + grep '^+' ${WRITABLE_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do + printf "\t\t- Newly added writable file : ${file}\n" done >> ${TMP} - grep '^-' ${WRITEABLE_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present writables file : ${file}\n" + grep '^-' ${WRITABLE_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do + printf "\t\t- No longer present writable file : ${file}\n" done >> ${TMP} fi fi @@ -81,10 +81,10 @@ if [[ ${CHECK_UNOWNED} == yes ]]; then if [ -s ${UNOWNED_USER_DIFF} ]; then printf "\nSecurity Warning: the following files aren't owned by an user :\n" >> ${TMP} grep '^+' ${UNOWNED_USER_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly added un-owned file : ${file}\n" + printf "\t\t- Newly added un-owned file : ${file}\n" done >> ${TMP} grep '^-' ${UNOWNED_USER_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present un-owned file : ${file}\n" + printf "\t\t- No longer present un-owned file : ${file}\n" done >> ${TMP} fi fi @@ -94,10 +94,10 @@ if [[ ${CHECK_UNOWNED} == yes ]]; then if [ -s ${UNOWNED_GROUP_DIFF} ]; then printf "\nSecurity Warning: the following files aren't owned by a group :\n" >> ${TMP} grep '^+' ${UNOWNED_GROUP_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly added un-owned file : ${file}\n" + printf "\t\t- Newly added un-owned file : ${file}\n" done >> ${TMP} grep '^-' ${UNOWNED_GROUP_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present un-owned file : ${file}\n" + printf "\t\t- No longer present un-owned file : ${file}\n" done >> ${TMP} fi fi @@ -118,7 +118,7 @@ if [[ ${CHECK_SUID_MD5} == yes ]]; then printf "\tmaybe an intruder modified one of these suid binary in order to put in a backdoor...\n" >> ${TMP} ctrl_md5=1; fi - printf "\t\t- Checksum changed files : ${file}\n" + printf "\t\t- Checksum changed file : ${file}\n" fi done >> ${TMP} fi @@ -151,10 +151,10 @@ if [[ ${RPM_CHECK} == yes ]]; then if [ -s ${RPM_QA_DIFF} ]; then printf "\nSecurity Warning: These packages have changed on the system :\n" >> ${TMP} grep '^+' ${RPM_QA_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly installed package : ${file}\n" + printf "\t\t- Newly installed package : ${file}\n" done >> ${TMP} grep '^-' ${RPM_QA_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more present package : ${file}\n" + printf "\t\t- No longer present package : ${file}\n" done >> ${TMP} fi fi @@ -163,10 +163,10 @@ if [[ ${RPM_CHECK} == yes ]]; then if [ -s ${RPM_VA_DIFF} ]; then printf "\nSecurity Warning: These files belonging to packages have changed of status on the system :\n" >> ${TMP} grep '^+' ${RPM_VA_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly modified : ${file}\n" + printf "\t\t- Newly modified : ${file}\n" done >> ${TMP} grep '^-' ${RPM_VA_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more modified : ${file}\n" + printf "\t\t- No longer modified : ${file}\n" done >> ${TMP} fi fi @@ -175,10 +175,10 @@ if [[ ${RPM_CHECK} == yes ]]; then if [ -s ${RPM_VA_CONFIG_DIFF} ]; then printf "\nSecurity Warning: These config files belonging to packages have changed of status on the system :\n" >> ${TMP} grep '^+' ${RPM_VA_CONFIG_DIFF} | grep -vw "^+++ " | sed 's|^.||' | while read file; do - printf "\t\t- Newly modified : ${file}\n" + printf "\t\t- Newly modified : ${file}\n" done >> ${TMP} grep '^-' ${RPM_VA_CONFIG_DIFF} | grep -vw "^--- " | sed 's|^.||' | while read file; do - printf "\t\t- No more modified : ${file}\n" + printf "\t\t- No longer modified : ${file}\n" done >> ${TMP} fi fi diff --git a/cron-sh/security.sh b/cron-sh/security.sh index 2828f71..7c51395 100755 --- a/cron-sh/security.sh +++ b/cron-sh/security.sh @@ -49,9 +49,9 @@ SUID_MD5_DIFF="/var/log/security/suid_md5.diff" export OPEN_PORT_TODAY="/var/log/security/open_port.today" OPEN_PORT_YESTERDAY="/var/log/security/open_port.yesterday" OPEN_PORT_DIFF="/var/log/security/open_port.diff" -export WRITEABLE_TODAY="/var/log/security/writeable.today" -WRITEABLE_YESTERDAY="/var/log/security/writeable.yesterday" -WRITEABLE_DIFF="/var/log/security/writeable.diff" +export WRITABLE_TODAY="/var/log/security/writable.today" +WRITABLE_YESTERDAY="/var/log/security/writable.yesterday" +WRITABLE_DIFF="/var/log/security/writable.diff" export UNOWNED_USER_TODAY="/var/log/security/unowned_user.today" UNOWNED_USER_YESTERDAY="/var/log/security/unowned_user.yesterday" UNOWNED_USER_DIFF="/var/log/security/unowned_user.diff" @@ -91,8 +91,8 @@ if [[ -f ${SUID_GROUP_TODAY} ]]; then mv ${SUID_GROUP_TODAY} ${SUID_GROUP_YESTERDAY}; fi -if [[ -f ${WRITEABLE_TODAY} ]]; then - mv ${WRITEABLE_TODAY} ${WRITEABLE_YESTERDAY}; +if [[ -f ${WRITABLE_TODAY} ]]; then + mv ${WRITABLE_TODAY} ${WRITABLE_YESTERDAY}; fi if [[ -f ${UNOWNED_USER_TODAY} ]]; then @@ -142,9 +142,9 @@ if [[ -f ${SUID_GROUP_TODAY} ]]; then mv -f ${SUID_GROUP_TODAY}.tmp ${SUID_GROUP_TODAY} fi -if [[ -f ${WRITEABLE_TODAY} ]]; then - sort < ${WRITEABLE_TODAY} | egrep -v '^(/var)?/tmp$' > ${WRITEABLE_TODAY}.tmp - mv -f ${WRITEABLE_TODAY}.tmp ${WRITEABLE_TODAY} +if [[ -f ${WRITABLE_TODAY} ]]; then + sort < ${WRITABLE_TODAY} | egrep -v '^(/var)?/tmp$' > ${WRITABLE_TODAY}.tmp + mv -f ${WRITABLE_TODAY}.tmp ${WRITABLE_TODAY} fi if [[ -f ${UNOWNED_USER_TODAY} ]]; then diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh index 1e9b5cc..dbac4f4 100755 --- a/cron-sh/security_check.sh +++ b/cron-sh/security_check.sh @@ -28,11 +28,11 @@ if [[ ! -d /var/log/security ]]; then mkdir /var/log/security fi -### Writeable file detection -if [[ ${CHECK_WRITEABLE} == yes ]]; then - if [[ -s ${WRITEABLE_TODAY} ]]; then - printf "\nSecurity Warning: World Writeable files found :\n" >> ${SECURITY} - cat ${WRITEABLE_TODAY} | awk '{print "\t\t- " $0}' >> ${SECURITY} +### Writable file detection +if [[ ${CHECK_WRITABLE} == yes ]]; then + if [[ -s ${WRITABLE_TODAY} ]]; then + printf "\nSecurity Warning: World Writable files found :\n" >> ${SECURITY} + cat ${WRITABLE_TODAY} | awk '{print "\t\t- " $0}' >> ${SECURITY} fi fi @@ -76,16 +76,16 @@ done | awk '$1 != $6 && $6 != "0" \ $4 ~ /^-......r/ \ { print "\t\t- " $3 " : file is other readable." } $4 ~ /^-....w/ \ - { print "\t\t- " $3 " : file is group writeable." } + { print "\t\t- " $3 " : file is group writable." } $4 ~ /^-.......w/ \ - { print "\t\t- " $3 " : file is other writeable." }' > ${TMP} + { print "\t\t- " $3 " : file is other writable." }' > ${TMP} if [[ -s ${TMP} ]]; then printf "\nSecurity Warning: these files shouldn't be owned by someone else or readable :\n" >> ${SECURITY} cat ${TMP} >> ${SECURITY} fi -### Files that should not be owned by someone else or writeable. +### Files that should not be owned by someone else or writable. list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \ .forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \ .nexrc .screenrc .ssh .ssh/config .ssh/authorized_keys .ssh/environment \ @@ -101,16 +101,16 @@ while read username uid homedir; do done | awk '$1 != $6 && $6 != "0" \ { print "\t\t- " $3 " : file is owned by uid " $6 "." } $4 ~ /^.....w/ \ - { print "\t\t- " $3 " : file is group writeable." } + { print "\t\t- " $3 " : file is group writable." } $4 ~ /^........w/ \ - { print "\t\t- " $3 " : file is other writeable." }' > ${TMP} + { print "\t\t- " $3 " : file is other writable." }' > ${TMP} if [[ -s ${TMP} ]]; then - printf "\nSecurity Warning: theses files should not be owned by someone else or writeable :\n" >> ${SECURITY} + printf "\nSecurity Warning: theses files should not be owned by someone else or writable :\n" >> ${SECURITY} cat ${TMP} >> ${SECURITY} fi -### Check home directories. Directories should not be owned by someone else or writeable. +### Check home directories. Directories should not be owned by someone else or writable. awk -F: '/^[^+-]/ { print $1 " " $3 " " $6 }' /etc/passwd | \ while read username uid homedir; do if [[ -d ${homedir} ]] ; then @@ -122,12 +122,12 @@ while read username uid homedir; do done | awk '$3 != $5 && $5 != "(0)" \ { print "user=" $2 $3 " : home directory is owned by " $4 $5 "." } $1 ~ /^d....w/ && $2 != "lp" && $2 != "mail" \ - { print "user=" $2 $3" : home directory is group writeable." } + { print "user=" $2 $3" : home directory is group writable." } $1 ~ /^d.......w/ \ - { print "user=" $2 $3" : home directory is other writeable." }' > ${TMP} + { print "user=" $2 $3" : home directory is other writable." }' > ${TMP} if [[ -s $TMP ]] ; then - printf "\nSecurity Warning: these home directory should not be owned by someone else or writeable :\n" >> ${SECURITY} + printf "\nSecurity Warning: these home directory should not be owned by someone else or writable :\n" >> ${SECURITY} cat ${TMP} >> ${SECURITY} fi fi # End of check perms |