From owner-freebsd-security Wed Oct 30 16:31:38 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA12654 for security-outgoing; Wed, 30 Oct 1996 16:31:38 -0800 (PST) Received: from postoffice.cso.uiuc.edu (postoffice.cso.uiuc.edu [128.174.5.11]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id QAA12644 for ; Wed, 30 Oct 1996 16:31:19 -0800 (PST) Received: from alecto.physics.uiuc.edu (alecto.physics.uiuc.edu [128.174.83.167]) by postoffice.cso.uiuc.edu (8.6.12/8.6.12) with ESMTP id TAA135468; Wed, 30 Oct 1996 19:31:14 -0500 Received: by alecto.physics.uiuc.edu (940816.SGI.8.6.9/940406.SGI) id SAA18957; Wed, 30 Oct 1996 18:31:05 -0600 From: igor@alecto.physics.uiuc.edu (Igor Roshchin) Message-Id: <199610310031.SAA18957@alecto.physics.uiuc.edu> Subject: Re: /etc/security To: clary@elec.uq.edu.au (Clary Harridge) Date: Wed, 30 Oct 1996 18:31:05 -0600 (CST) Cc: freebsd-security@freebsd.org In-Reply-To: <199610302332.JAA21364@s5.elec.uq.edu.au> from "Clary Harridge" at Oct 31, 96 09:32:18 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I think, this is a nice feature (unless, of coarse, you have to be dealing with Windows.) It's nice to have an alert, that somebody created a file with the name which is most probably should not exist on a Unix box. Thus, this suggestion should not be implemented, but should really be an option to choose, if one needs. Using this opportunity want to mention a small bug related to /etc/daily. I noticed this an year ago. Once an year you will not receive you daily report. Because the default time is 2:00, /etc/daily never runs on the day when we have a change of date in spring, or runs twice in autumn. (or something like that, I forgot the details) Thus, I think it would be wise to change it to 0:45, for example. Regards, IgoR aka StR * * * * * * * * * * Igor Roshchin Physics Department e-mail: igor@uiuc.edu University of Illinois FAX : (217) 333-9819 at Urbana-Champaign Phone : (217) 333-6088 (off) 1110 West Green Street Phone : (217) 328-2013 (home) Urbana, IL, 61801, USA http://www.physics.uiuc.edu/~igor * * * * * * * * * * > > A suggestion for /etc/security > > The current version falls over when checking for suid / sgid files > when the file names contain spaces. These file names are generated > by win95 when your FreeBSD host runs as a samba server. > Any such suid files just get dropped by the find but give errors. > > You get lots of errors like > > find: /u1/staff/matt/Mail/ GPutland: illegal path > find: /u1/staff/matt/Mail/ Email: illegal path > > I would suggest > REPLACING > ================================================================ > while test $# -ge 1; do > mount=$1 > shift > find -X $mount -xdev -type f \ > \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ > \( -perm -u+s -or -perm -g+s \) | sort > done | xargs -n 20 ls -lgTd > $TMP > ================================================================ > WITH > ================================================================ > find $mount -xdev -type f \ > \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ > \( -perm -u+s -or -perm -g+s \) -a -exec ls -lgTd {} ";" > done > $TMP > ================================================================ > > -- > regards Dept. of Electrical Engineering, > Clary Harridge University of Queensland, QLD, Australia, 4072 > Phone: +61-7-3365-3636 Fax: +61-7-3365-4999 > INTERNET: clary@elec.uq.edu.au >