From d7ed5a39e70b3db57af31f7e05243bed4d310d6a Mon Sep 17 00:00:00 2001
From: Axalon Bloodstone
Date: Wed, 8 Dec 1999 04:47:02 +0000
Subject: Handle usernames longer than 8 chars uses ls -n and moves a couple $1 to $3 and such blah blah
---
 cron-sh/security_check.sh | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)
(limited to 'cron-sh')
diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh
index 5dffc48..6c174d8 100755
--- a/cron-sh/security_check.sh
+++ b/cron-sh/security_check.sh
@@ -77,23 +77,23 @@ fi
 if [ ${CHECK_PERMISSIONS}=="yes" ]; then
 # Files that should not be owned by someone else or readable.
 list=".netrc .rhosts .shosts .Xauthority .pgp/secring.pgp .ssh/identity .ssh/random_seed"
-awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
+awk -F: '/^[^+-]/ { print $3 " " $6 }' /etc/passwd | \
 while read uid homedir; do
 for f in ${list} ; do
 file="${homedir}/${f}"
 if [ -f ${file} ] ; then
- printf "${uid} ${f} `ls -ldcg ${file}`\n"
+ printf "${uid} ${f} `ls -ldcgn ${file}`\n"
 fi
 done
-done | awk '$1 != $5 && $5 != "root" \
+done | awk '$1 != $5 && $5 != "0" \
 { print "\t\tuser=" $1 ", file=" $2 " : file is owned by " $5 }
- $3 ~ /^-...r/ \
+ $3 ~ /^-....w/ \
 { print "\t\tuser=" $1 ", file=" $2 " : file is group readable" }
- $3 ~ /^-......r/ \
+ $3 ~ /^-....w/ \
 { print "\t\tuser=" $1 ", file=" $2 " : file is other readable" }
- $3 ~ /^-....w/ \
+ $3 ~ /^-....w/ \
 { print "\t\tuser=" $1 ", file=" $2 " : file is group writeable" }
- $3 ~ /^-.......w/ \
+ $3 ~ /^-....w/ \
 { print "\t\tuser=" $1 ", file=" $2 " : file is other writeable" }' > ${TMP}
 if [ -s ${TMP} ]; then
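Review bot: All four permission rules on the new side of the awk report use the same pattern, `$3 ~ /^-....w/`, so the "group readable", "other readable" and "other writeable" rules now test the group-write bit. As shown here, a world-readable `.netrc` or `.ssh/identity` that is not group-writable is no longer reported, and a group-writable one prints all four messages. Adding `-n` to `ls` only makes the owner and group numeric; the mode string stays in `$3` at the same offsets, so the removed patterns were still correct. The three rules should keep `/^-...r/` for group readable, `/^-......r/` for other readable and `/^-.......w/` for other writeable. The enclosing `if [ ${CHECK_PERMISSIONS}=="yes" ]` block ends outside the hunk.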
@@ -107,15 +107,15 @@ list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \
 .forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \
 .nexrc .screenrc .ssh .ssh/config .ssh/authorized_keys .ssh/environment \
 .ssh/known_hosts .ssh/rc .twmrc .xsession .xinitrc .Xdefaults"
-awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
+awk -F: '/^[^+-]/ { print $3 " " $6 }' /etc/passwd | \
 while read uid homedir; do
 for f in ${list} ; do
 file="${homedir}/${f}"
 if [ -f $file ] ; then
- printf "$uid ${f} `ls -ldcg ${file}`\n"
+ printf "$uid ${f} `ls -ldcgn ${file}`\n"
 fi
 done
-done | awk '$1 != $5 && $5 != "root" \
+done | awk '$1 != $5 && $5 != "0" \
 { print "\t\t- user=" $1 ", file=" $2 " : file is owned by " $5 }
 $3 ~ /^-....w/ \
 { print "\t\t- user=" $1 ", file=" $2 " : file is group writeable" }
-- cgit v1.2.1
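Review bot: The rewritten `printf` line still puts the `ls` listing inside the format string and leaves `${file}` unquoted. Any `%` or backslash sequence in the listing is therefore interpreted by printf, and a home directory containing whitespace is split into several arguments. Part of that listing is text the account owner can influence, and this check feeds a root-run report, so the data should be passed as arguments: `printf '%s %s %s\n' "$uid" "$f" "$(ls -ldcgn "$file")"`, with `[ -f "$file" ]` quoted to match. The `printf` line in the first hunk (the `.netrc`/`.rhosts` list) has the same pattern. The awk program that consumes this output continues past the end of the hunk.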