aboutsummaryrefslogtreecommitdiffstats
path: root/cron-sh/security_check.sh
diff options
context:
space:
mode:
authorAxalon Bloodstone <axalon@mandriva.com>1999-12-08 04:47:02 +0000
committerAxalon Bloodstone <axalon@mandriva.com>1999-12-08 04:47:02 +0000
commitd7ed5a39e70b3db57af31f7e05243bed4d310d6a (patch)
treea8266680398f610fa8ff33262bfca5a934aefa05 /cron-sh/security_check.sh
parentf6e711e44dbb883790bdf6a566aa4628e488e14c (diff)
downloadmsec-d7ed5a39e70b3db57af31f7e05243bed4d310d6a.tar
msec-d7ed5a39e70b3db57af31f7e05243bed4d310d6a.tar.gz
msec-d7ed5a39e70b3db57af31f7e05243bed4d310d6a.tar.bz2
msec-d7ed5a39e70b3db57af31f7e05243bed4d310d6a.tar.xz
msec-d7ed5a39e70b3db57af31f7e05243bed4d310d6a.zip
Handle usernames longer than 8 chars
uses ls -n and moves a couple $1 to $3 and such blah blah
Diffstat (limited to 'cron-sh/security_check.sh')
-rwxr-xr-xcron-sh/security_check.sh20
1 files changed, 10 insertions, 10 deletions
diff --git a/cron-sh/security_check.sh b/cron-sh/security_check.sh
index 5dffc48..6c174d8 100755
--- a/cron-sh/security_check.sh
+++ b/cron-sh/security_check.sh
@@ -77,23 +77,23 @@ fi
if [ ${CHECK_PERMISSIONS}=="yes" ]; then
# Files that should not be owned by someone else or readable.
list=".netrc .rhosts .shosts .Xauthority .pgp/secring.pgp .ssh/identity .ssh/random_seed"
-awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
+awk -F: '/^[^+-]/ { print $3 " " $6 }' /etc/passwd | \
while read uid homedir; do
for f in ${list} ; do
file="${homedir}/${f}"
if [ -f ${file} ] ; then
- printf "${uid} ${f} `ls -ldcg ${file}`\n"
+ printf "${uid} ${f} `ls -ldcgn ${file}`\n"
fi
done
-done | awk '$1 != $5 && $5 != "root" \
+done | awk '$1 != $5 && $5 != "0" \
{ print "\t\tuser=" $1 ", file=" $2 " : file is owned by " $5 }
- $3 ~ /^-...r/ \
+ $3 ~ /^-....w/ \
{ print "\t\tuser=" $1 ", file=" $2 " : file is group readable" }
- $3 ~ /^-......r/ \
+ $3 ~ /^-....w/ \
{ print "\t\tuser=" $1 ", file=" $2 " : file is other readable" }
- $3 ~ /^-....w/ \
+ $3 ~ /^-....w/ \
{ print "\t\tuser=" $1 ", file=" $2 " : file is group writeable" }
- $3 ~ /^-.......w/ \
+ $3 ~ /^-....w/ \
{ print "\t\tuser=" $1 ", file=" $2 " : file is other writeable" }' > ${TMP}
if [ -s ${TMP} ]; then
@@ -107,15 +107,15 @@ list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \
.forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \
.nexrc .screenrc .ssh .ssh/config .ssh/authorized_keys .ssh/environment \
.ssh/known_hosts .ssh/rc .twmrc .xsession .xinitrc .Xdefaults"
-awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
+awk -F: '/^[^+-]/ { print $3 " " $6 }' /etc/passwd | \
while read uid homedir; do
for f in ${list} ; do
file="${homedir}/${f}"
if [ -f $file ] ; then
- printf "$uid ${f} `ls -ldcg ${file}`\n"
+ printf "$uid ${f} `ls -ldcgn ${file}`\n"
fi
done
-done | awk '$1 != $5 && $5 != "root" \
+done | awk '$1 != $5 && $5 != "0" \
{ print "\t\t- user=" $1 ", file=" $2 " : file is owned by " $5 }
$3 ~ /^-....w/ \
{ print "\t\t- user=" $1 ", file=" $2 " : file is group writeable" }