From 35fce927a70a6e882770d33c80949b39e8ee2837 Mon Sep 17 00:00:00 2001 From: Yoann Vandoorselaere Date: Fri, 17 Dec 1999 15:22:37 +0000 Subject: *** empty log message *** --- cron-sh/diff_check.sh | 9 --------- cron-sh/security_check.sh | 25 +++++++++++++++---------- 2 files changed, 15 insertions(+), 19 deletions(-) (limited to 'cron-sh') diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh index 6c22184..603edf6 100755 --- a/cron-sh/diff_check.sh +++ b/cron-sh/diff_check.sh @@ -14,15 +14,6 @@ if [[ ${CHECK_SECURITY} == no ]]; then exit 0 fi -# Modified filters coming from debian security scripts. -CS_NFSAFS='(nfs|afs|xfs|coda)' -CS_TYPES=' type (devpts|auto|proc|msdos|fat|vfat|iso9660|ncpfs|smbfs|'$CS_NFSAFS')' -CS_DEVS='^/dev/fd' -CS_DIRS='on /mnt' -FILTERS="$CS_TYPES|$CS_DEVS|$CS_DIRS" -DIR=`mount | grep -vE "$FILTERS" | cut -d ' ' -f3` -### - SUID_ROOT_TODAY="/var/log/security/suid_root.today" SUID_ROOT_YESTERDAY="/var/log/security/suid_root.yesterday" SUID_ROOT_DIFF="/var/log/security/suid_root.diff" diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh index 87c7043..d7d6ff3 100755 --- a/cron-sh/security_check.sh +++ b/cron-sh/security_check.sh @@ -7,7 +7,7 @@ if [[ -f /etc/security/msec/security.conf ]]; then . /etc/security/msec/security.conf else - echo "/etc/security/msec/security.conf don't exist." + echo "/etc/security/msec/security.conf don't exist." exit 1 fi @@ -43,30 +43,35 @@ Ttylog() { ### Writeable file detection if [[ ${CHECK_WRITEABLE} == yes ]]; then - find ${DIR} -xdev -type f -perm -2 -ls -print | awk '{print $11}' | sort > ${TMP} + find ${DIR} -xdev -type f -perm -2 -print | sort > ${TMP} if [[ -s ${TMP} ]]; then printf "\nSecurity Warning: World Writeable Files found :\n" >> ${SECURITY} - cat ${TMP} >> ${SECURITY} + cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY} fi fi ### Search Un Owned file if [[ ${CHECK_UNOWNED} == yes ]]; then - find ${DIR} -xdev -nouser -print -ls | awk '{print $11}' | sort > ${TMP} + find ${DIR} -xdev -nouser -print | sort > ${TMP} + if [[ -s ${TMP} ]]; then printf "\nSecurity Warning : the following file aren't owned by any user :\n" >> ${SECURITY} - printf "\ttheses files now have user \"nobody\" as their owner." >> ${SECURE_LOG} - cat ${TMP} >> ${SECURITY} - cat ${TMP} | while read line; do chown nobody ${line}; done + printf "\ttheses files now have user \"nobody\" as their owner." >> ${SECURITY_LOG} + cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY} + cat ${TMP} | while read line; do + chown nobody ${line}; + done fi - find $DIR -xdev -nogroup -print -ls | awk '{print $11}' | sort > ${TMP} + find $DIR -xdev -nogroup -print | sort > ${TMP} if [[ -s ${TMP} ]]; then printf "\nSecurity Warning : the following file aren't owned by any group :\n" >> ${SECURITY} printf "\ttheses files now have group \"nogroup\" as their group owner." >> ${SECURITY} - cat ${TMP} >> ${SECURITY} - cat ${TMP} | while read line; do chgrp nogroup ${line}; done + cat ${TMP} | awk '{print "\t\t- " $0}' >> ${SECURITY} + cat ${TMP} | while read line; do + chgrp nogroup ${line}; + done fi fi -- cgit v1.2.1