aboutsummaryrefslogtreecommitdiffstats
path: root/cron-sh
diff options
context:
space:
mode:
authorYoann Vandoorselaere <yoann@mandriva.com>1999-12-17 15:22:37 +0000
committerYoann Vandoorselaere <yoann@mandriva.com>1999-12-17 15:22:37 +0000
commit35fce927a70a6e882770d33c80949b39e8ee2837 (patch)
treeabbc25b04ac45b5c9b6df15517d50523dc0994ef /cron-sh
parent46c44c4aa32d03cbf640edc1e388d7f4a6cc649a (diff)
downloadmsec-35fce927a70a6e882770d33c80949b39e8ee2837.tar
msec-35fce927a70a6e882770d33c80949b39e8ee2837.tar.gz
msec-35fce927a70a6e882770d33c80949b39e8ee2837.tar.bz2
msec-35fce927a70a6e882770d33c80949b39e8ee2837.tar.xz
msec-35fce927a70a6e882770d33c80949b39e8ee2837.zip
*** empty log message ***
Diffstat (limited to 'cron-sh')
-rwxr-xr-xcron-sh/diff_check.sh9
-rwxr-xr-xcron-sh/security_check.sh25
2 files changed, 15 insertions, 19 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh
index 6c22184..603edf6 100755
--- a/cron-sh/diff_check.sh
+++ b/cron-sh/diff_check.sh
@@ -14,15 +14,6 @@ if [[ ${CHECK_SECURITY} == no ]]; then
exit 0
fi
-# Modified filters coming from debian security scripts.
-CS_NFSAFS='(nfs|afs|xfs|coda)'
-CS_TYPES=' type (devpts|auto|proc|msdos|fat|vfat|iso9660|ncpfs|smbfs|'$CS_NFSAFS')'
-CS_DEVS='^/dev/fd'
-CS_DIRS='on /mnt'
-FILTERS="$CS_TYPES|$CS_DEVS|$CS_DIRS"
-DIR=`mount | grep -vE "$FILTERS" | cut -d ' ' -f3`
-###
-
SUID_ROOT_TODAY="/var/log/security/suid_root.today"
SUID_ROOT_YESTERDAY="/var/log/security/suid_root.yesterday"
SUID_ROOT_DIFF="/var/log/security/suid_root.diff"
diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh
index 87c7043..d7d6ff3 100755
--- a/cron-sh/security_check.sh
+++ b/cron-sh/security_check.sh
@@ -7,7 +7,7 @@
if [[ -f /etc/security/msec/security.conf ]]; then
. /etc/security/msec/security.conf
else
- echo "/etc/security/msec/security.conf don't exist."
+ echo "/etc/security/msec/security.conf don't exist."
exit 1
fi
@@ -43,30 +43,35 @@ Ttylog() {
### Writeable file detection
if [[ ${CHECK_WRITEABLE} == yes ]]; then
- find ${DIR} -xdev -type f -perm -2 -ls -print | awk '{print $11}' | sort > ${TMP}
+ find ${DIR} -xdev -type f -perm -2 -print | sort > ${TMP}
if [[ -s ${TMP} ]]; then
printf "\nSecurity Warning: World Writeable Files found :\n" >> ${SECURITY}
- cat ${TMP} >> ${SECURITY}
+ cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY}
fi
fi
### Search Un Owned file
if [[ ${CHECK_UNOWNED} == yes ]]; then
- find ${DIR} -xdev -nouser -print -ls | awk '{print $11}' | sort > ${TMP}
+ find ${DIR} -xdev -nouser -print | sort > ${TMP}
+
if [[ -s ${TMP} ]]; then
printf "\nSecurity Warning : the following file aren't owned by any user :\n" >> ${SECURITY}
- printf "\ttheses files now have user \"nobody\" as their owner." >> ${SECURE_LOG}
- cat ${TMP} >> ${SECURITY}
- cat ${TMP} | while read line; do chown nobody ${line}; done
+ printf "\ttheses files now have user \"nobody\" as their owner." >> ${SECURITY_LOG}
+ cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY}
+ cat ${TMP} | while read line; do
+ chown nobody ${line};
+ done
fi
- find $DIR -xdev -nogroup -print -ls | awk '{print $11}' | sort > ${TMP}
+ find $DIR -xdev -nogroup -print | sort > ${TMP}
if [[ -s ${TMP} ]]; then
printf "\nSecurity Warning : the following file aren't owned by any group :\n" >> ${SECURITY}
printf "\ttheses files now have group \"nogroup\" as their group owner." >> ${SECURITY}
- cat ${TMP} >> ${SECURITY}
- cat ${TMP} | while read line; do chgrp nogroup ${line}; done
+ cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY}
+ cat ${TMP} | while read line; do
+ chgrp nogroup ${line};
+ done
fi
fi