diff options
| author | Eugeni Dodonov <eugeni@mandriva.org> | 2009-01-26 15:36:34 +0000 |
|---|---|---|
| committer | Eugeni Dodonov <eugeni@mandriva.org> | 2009-01-26 15:36:34 +0000 |
| commit | 96cedd70a93059d9f97e84d526f245d373ab1421 (patch) | |
| tree | d05407c1e5623d8afc31d6c8bc856c88e2776c33 /cron-sh/security.sh | |
| parent | 475339c9034f4b19101a7736b2192ad839bf9211 (diff) | |
| download | msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.gz msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.bz2 msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.xz msec-96cedd70a93059d9f97e84d526f245d373ab1421.zip | |
Running expensive msec_find only when required.
Diffstat (limited to 'cron-sh/security.sh')
| -rwxr-xr-x | cron-sh/security.sh | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/cron-sh/security.sh b/cron-sh/security.sh index acf3327..982c4e3 100755 --- a/cron-sh/security.sh +++ b/cron-sh/security.sh @@ -19,11 +19,6 @@ echo -n $$ > $LCK trap cleanup 0 -if [[ ! -f /var/lib/msec/security.conf ]]; then - echo "Can't access /var/lib/msec/security.conf." - exit 1 -fi - if [[ -f /etc/security/msec/security.conf ]]; then . /etc/security/msec/security.conf else @@ -138,8 +133,12 @@ netstat -pvlA inet,inet6 2> /dev/null > ${OPEN_PORT_TODAY}; ionice -c3 -p $$ -# Hard disk related file check; the less priority the better... -nice --adjustment=+19 /usr/bin/msec_find ${DIR} +# only running this check when really required +if [[ ${CHECK_SUID_MD5} == yes || ${CHECK_SUID_ROOT} == yes || ${CHECK_SGID} == yes || ${CHECK_WRITABLE} == yes || ${CHECK_UNOWNED} == yes ]]; then + + # Hard disk related file check; the less priority the better... + nice --adjustment=+19 /usr/bin/msec_find ${DIR} +fi if [[ -f ${SUID_ROOT_TODAY} ]]; then sort < ${SUID_ROOT_TODAY} > ${SUID_ROOT_TODAY}.tmp |