aboutsummaryrefslogtreecommitdiffstats
path: root/cron-sh
diff options
context:
space:
mode:
authorEugeni Dodonov <eugeni@mandriva.org>2009-01-26 15:36:34 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-01-26 15:36:34 +0000
commit96cedd70a93059d9f97e84d526f245d373ab1421 (patch)
treed05407c1e5623d8afc31d6c8bc856c88e2776c33 /cron-sh
parent475339c9034f4b19101a7736b2192ad839bf9211 (diff)
downloadmsec-96cedd70a93059d9f97e84d526f245d373ab1421.tar
msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.gz
msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.bz2
msec-96cedd70a93059d9f97e84d526f245d373ab1421.tar.xz
msec-96cedd70a93059d9f97e84d526f245d373ab1421.zip
Running expensive msec_find only when required.
Diffstat (limited to 'cron-sh')
-rwxr-xr-xcron-sh/security.sh13
1 files changed, 6 insertions, 7 deletions
diff --git a/cron-sh/security.sh b/cron-sh/security.sh
index acf3327..982c4e3 100755
--- a/cron-sh/security.sh
+++ b/cron-sh/security.sh
@@ -19,11 +19,6 @@ echo -n $$ > $LCK
trap cleanup 0
-if [[ ! -f /var/lib/msec/security.conf ]]; then
- echo "Can't access /var/lib/msec/security.conf."
- exit 1
-fi
-
if [[ -f /etc/security/msec/security.conf ]]; then
. /etc/security/msec/security.conf
else
@@ -138,8 +133,12 @@ netstat -pvlA inet,inet6 2> /dev/null > ${OPEN_PORT_TODAY};
ionice -c3 -p $$
-# Hard disk related file check; the less priority the better...
-nice --adjustment=+19 /usr/bin/msec_find ${DIR}
+# only running this check when really required
+if [[ ${CHECK_SUID_MD5} == yes || ${CHECK_SUID_ROOT} == yes || ${CHECK_SGID} == yes || ${CHECK_WRITABLE} == yes || ${CHECK_UNOWNED} == yes ]]; then
+
+ # Hard disk related file check; the less priority the better...
+ nice --adjustment=+19 /usr/bin/msec_find ${DIR}
+fi
if [[ -f ${SUID_ROOT_TODAY} ]]; then
sort < ${SUID_ROOT_TODAY} > ${SUID_ROOT_TODAY}.tmp