Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Feb 1997 11:45:54 +0300
From:      Vadim Kolontsov <vadim@tversu.ac.ru>
To:        freebsd-security@FreeBSD.Org
Subject:   Re: improved setuid and device file checker for /etc/security
Message-ID:  <19970224114554.12677@mailserv.tversu.ac.ru>
In-Reply-To: <199702230636.WAA22830@salsa.gv.tsc.tdk.com>; from Don Lewis on Feb 02, 1997 at 10:36:27PM -0800
References:  <199702230636.WAA22830@salsa.gv.tsc.tdk.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Feb 02, 1997 at 10:36:27PM -0800, Don Lewis wrote:

> At least in the case of /etc/security, I came up with a scheme that should
> be a lot more automatic.
> I also added device file checking (other than their timestamps which tend
> do get updated). 

   Here is my contribution to /etc/security... It works fine on my machine.
   I've added more convinient (I hope :) scheme to check (and backup) 
some important files. Also checking for users's .rhosts added

---------------------------- cut here ------------------------------------
BAK=/var/backups
CHECKFILES="aliases master.passwd group aliases security hosts.equiv"

echo ""
echo "Backuping and checking some files:"
for i in $CHECKFILES ; do
  if cmp -s $BAK/$i /etc/$i; then echo " * $i"; else
	echo " * /etc/$i diffs:"
	echo ----------------------------------------------------------
	diff $BAK/$i /etc/$i
	echo ----------------------------------------------------------
	mv $BAK/$i $BAK/$i.bak
	cp -p /etc/$i $BAK
  fi
done

echo ""
echo "Looking for user's .rhosts"
for pwdentry in `awk 'BEGIN { FS=":" } {printf $1"@"$6" "}' /etc/passwd`; do
	user=`echo $pwdentry | sed "s/@.*//g"`
	homedir=`echo $pwdentry | sed "s/.*@//g"`
	if [ -e $homedir/.rhosts ] ; then
	 if cmp -s $BAK/rhosts/$user $homedir/.rhosts ; then echo " * $user"; else
	    echo "  * $user's .rhosts diffs:"
	    echo ----------------------------------------------------------
	    diff $BAK/rhosts/$user $homedir/.rhosts
	    echo ----------------------------------------------------------
	    mv $BAK/rhosts/$user $BAK/rhosts/$user.bak
	    cp -p $homedir/.rhosts $BAK/rhosts/$user
	  fi
	fi
done
---------------------------- cut here ------------------------------------

--------------------------------------------------------------------------
Vadim Kolontsov                                          SysAdm/Programmer 
Tver Regional Center of New Information Technologies          Networks Lab

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970224114554.12677>