Date: 01 Nov 1997 19:07:34 +0100 From: Wolfram Schneider <wosch@cs.tu-berlin.de> To: Brandon Gillespie <brandon@roguetrader.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Suggested addition to /etc/security Message-ID: <p1iu3dwqyhl.fsf@panke.panke.de> In-Reply-To: Brandon Gillespie's message of Thu, 30 Oct 1997 10:18:37 -0700 (MST) References: <Pine.BSF.3.96.971030101513.521A-100000@roguetrader.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Done. -Wolfram
wosch 1997/11/01 07:03:06 PST
Modified files:
etc/periodic/weekly Makefile
Added files:
etc/periodic/weekly 340.noid
Log:
Check for files belongs to an unknown user or unknown group.
Do not run by default.
Brandon Gillespie <brandon@roguetrader.com> writes:
> I'm not sure if /etc/security is a good place for it, but I think it would
> be a good idea to add this check (at least once a week) to somewhere:
>
> -------------------------------------------------
> echo "checking for invalid user or group ids:"
>
> find / -nouser -nogroup
> -------------------------------------------------
>
> I have users come and go a lot, and some are in projects, so their files
> can be scattered around the filesystem--not just in their home directory.
> I've added this to my security check, and it helps me to keep on top of
> things.
>
> Since (I think?) the default action of 'pw' and most other user add
> programs is to reuse ids, this is also a security concern..
>
> -Brandon Gillespie
--
Wolfram Schneider <wosch@apfel.de> http://www.apfel.de/~wosch/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p1iu3dwqyhl.fsf>