--- usr/lib/secchk/security-daily.sh-20031004 Sat Jul 29 22:42:10 2000 +++ usr/lib/secchk/security-daily.sh Sat Oct 4 19:31:15 2003 @@ -304,16 +304,15 @@ # or writeable. awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \ -while read uid homedir; do - if [ -d ${homedir}/ ] ; then - file=`ls -ldg ${homedir}` - printf "$uid $file\n" +while read user homedir; do + if [ -d "${homedir}/" ] ; then + find "$homedir" -maxdepth 0 -printf "$user %04m %n %u\n" fi done | awk '$1 != $4 && $4 != "root" \ { print "user " $1 " : home directory is owned by " $4 } - $2 ~ /^-....w/ \ + int(substr($2,3,1)/2)%2 \ { print "user " $1 " : home directory is group writeable" } - $2 ~ /^-.......w/ \ - { print "user " $1 " : home directory is other writeable" }' > $OUT + int(substr($2,4,1)/2)%2 \ + { print "user " $1 " : home directory is world writeable" }' > $OUT if [ -s "$OUT" ] ; then printf "\nChecking home directories.\n" @@ -351,7 +350,7 @@ while read uid homedir; do for f in $list ; do - file=${homedir}/${f} - if [ -f $file ] ; then - printf "$uid $f `ls -ldcg $file`\n" + file="${homedir}/${f}" + if [ -f "$file" ] ; then + find "$file" -maxdepth 0 -printf "$uid $f %04m %n %u\n" fi done @@ -359,8 +358,8 @@ awk '$1 != $5 && $5 != "root" \ { print "user " $1 " " $2 " : file is owned by " $5 } - $3 ~ /^-....w/ \ + int(substr($3,3,1)/2)%2 \ { print "user " $1 " " $2 " : file is group writeable" } - $3 ~ /^-.......w/ \ - { print "user " $1 " " $2 " : file is other writeable" }' >> $OUT + int(substr($3,4,1)/2)%2 \ + { print "user " $1 " " $2 " : file is world writeable" }' >> $OUT if [ -s "$OUT" ] ; then printf "\nChecking dot files.\n" @@ -368,9 +367,9 @@ fi # Mailboxes should be owned by user and unreadable. -ls -cl /var/spool/mail | sed 1d | \ -awk '$3 != $9 \ - { print "user " $9 " mailbox is owned by " $3 } - $1 != "-rw-------" \ - { print "user " $9 " mailbox is " $1 ", group " $4 }' > $OUT +find /var/spool/mail -not -type d -printf '%04m %n %u %g %f\n' | \ +awk '$3 != $5 \ + { print "user " $5 " mailbox is owned by " $3 } + $1 != "0600" \ + { print "user " $5 " mailbox is " $1 ", group " $4 }' > $OUT if [ -s "$OUT" ] ; then printf "\nChecking mailbox ownership.\n" @@ -425,6 +424,7 @@ if [ -x /usr/bin/lsof ]; then printf "\nThe following programs have got bound sockets:\n" -# /usr/bin/lsof -i -n | awk '{print $1 " \t" $3 " \t"$7 $8 " \t" $9}' | sort | uniq - /usr/bin/lsof -i -n -P | sed 's/....[0-9]u IP.* / /' | sed 's/ FD TYPE DEVICE SIZE NODE NAME/PROTO PORT/' | sed 's/ [0-9][0-9]* / /'|sed 's/ PID / /'|sort -u +## /usr/bin/lsof -i -n | awk '{print $1 " \t" $3 " \t"$7 $8 " \t" $9}' | sort | uniq +# /usr/bin/lsof -i -n -P | sed 's/....[0-9]u IP.* / /' | sed 's/ FD TYPE DEVICE SIZE NODE NAME/PROTO PORT/' | sed 's/ [0-9][0-9]* / /'|sed 's/ PID / /'|sort -u + /usr/bin/lsof -i -n -P | sed -n 's/..[0-9]u IP.. *[0-9]* *\([A-Za-z]\)/ \1/; s/FD TYPE *DEVICE *SIZE *//; s/[0-9 ]\{4\}[0-9] / /; s/ PID//; p' | sort -u fi --- usr/lib/secchk/security-control.sh-20031004SuSE Sat Jul 29 22:42:10 2000 +++ usr/lib/secchk/security-control.sh Sat Oct 4 15:01:49 2003 @@ -66,7 +66,8 @@ disclaimer echo -e "Changes in your daily security configuration of `hostname`:\n" - /usr/bin/diff -u -w "$OLD1" "$OUT1" | sed 's/^@@.*/\ -* Changes (+: new entries, -: removed entries):\ - /' | egrep '^[+*-]|^$' |sed 's/^+++/NEW:/' | sed 's/^---/OLD:/' | sed 's/^[+-]/& /' +# /usr/bin/diff -u -w "$OLD1" "$OUT1" | sed 's/^@@.*/\ +#* Changes (+: new entries, -: removed entries):\ +# /' | egrep '^[+*-]|^$' |sed 's/^+++/NEW:/' | sed 's/^---/OLD:/' | sed 's/^[+-]/& /' + /usr/bin/diff -u -w "$OLD1" "$OUT1" } | $MAILER "$SECCHK_USER" /bin/mv "$OUT1" "$OLD1"