Date: Sat, 24 Aug 1996 16:11:42 -0400 From: pirzyk@faf.disney.com To: FreeBSD-gnats-submit@freebsd.org Subject: misc/1538: new /etc/security script Message-ID: <199608242011.QAA19207@amigo.cpm.com> Resent-Message-ID: <199608242350.QAA12294@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 1538
>Category: misc
>Synopsis: enhanced /etc/security script
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Aug 24 16:50:01 PDT 1996
>Last-Modified:
>Originator: Jim Pirzyk
>Organization:
Walt Disney Feature Animation Florida
>Release: FreeBSD 2.1-STABLE i386
>Environment:
All FreeBSD systems.
>Description:
Add more security checks in the /etc/security script.
>How-To-Repeat:
>Fix:
Here are the context diffs for /etc/security.
*** /etc/security Sat Aug 24 16:00:46 1996
--- /etc/security.bak Thu Nov 16 04:58:43 1995
***************
*** 39,63 ****
echo ""
echo "checking for uids of 0:"
awk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd
-
- echo ""
- echo ""
- echo "checking for accounts without passwords:"
- awk -F: '$2=="" && $1 != "+" {print $1}' /etc/master.passwd
-
- echo ""
- echo ""
- echo "checking for accounts with duplicate uids:"
- sort -t: +2n /etc/master.passwd | awk -F: 'BEGIN { duplicate = -1; } $1 != "+" && $3 != 0 {if (duplicate == $3) { print $1, name; } duplicate = $3; name = $1; }'
-
- echo ""
- echo ""
- echo "checking for world exported filesystems:"
- sed -e '/^\#/d' -e '/^[ \t]*$/d' /etc/exports | awk 'NF < 2 { print }'
-
- echo ""
- echo ""
- echo "checking for block & character device files not in /dev:"
- find / -fstype local -name /dev -prune \( -type b -o -type c \) -exec ls -l {} \; | awk '{ print; }'
-
- exit $?
--- 39,41 ----
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199608242011.QAA19207>