From owner-freebsd-hackers  Mon Feb 24 20:24:56 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA20067
          for hackers-outgoing; Mon, 24 Feb 1997 20:24:56 -0800 (PST)
Received: from kuoi.asui.uidaho.edu (qmailr@kuoi.asui.uidaho.edu [129.101.191.123])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA20059
          for <hackers@freebsd.org>; Mon, 24 Feb 1997 20:24:49 -0800 (PST)
Received: (qmail 12165 invoked by uid 1003); 25 Feb 1997 04:24:12 -0000
Date: Mon, 24 Feb 1997 20:24:11 -0800 (PST)
From: faried nawaz <fn@kuoi.asui.uidaho.edu>
Reply-To: faried nawaz <fn@kuoi.asui.uidaho.edu>
To: hackers@freebsd.org
Subject: /etc/security change (was Re: disabling setuid sh/csh)
In-Reply-To: <199702242120.OAA25018@phaeton.artisoft.com>
Message-ID: <Pine.BSF.3.95.970224201318.11208C-100000@kuoi.asui.uidaho.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 24 Feb 1997, Terry Lambert wrote:

$ What's harder is hacked /usr/bin/passwd, /usr/bin/login, /sbin/init,
$ /usr/libexec/telnetd, /usr/libexec/rlogind, etc. with the date set
$ back.

This reminds me -- /etc/security currently does

[...]
        find $mount -xdev -type f \
                \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \
                \( -perm -u+s -or -perm -g+s \)  -print0
done | xargs -0 -n 20 ls -lgTd | sort +9 > $TMP
[...]


How about changing the arguments of ls to "lcTd"?

"-g" is obsolete and probably should be removed, too.


faried.
-- 
faried nawaz
box 3582, moscow id 83843-1914