[BACK]Return to security CVS log [TXT][DIR] Up to [local] / src / etc

Diff for /src/etc/Attic/security between version 1.53 and 1.54

version 1.53, 2002/07/23 18:26:35 version 1.54, 2002/12/15 13:25:27
Line 141 
Line 141 
                 fi                  fi
                 egrep umask $i |                  egrep umask $i |
                 awk '$2 % 100 < 20 \                  awk '$2 % 100 < 20 \
                         { print "Root umask is group writeable" }                          { print "Root umask is group writable" }
                      $2 % 10 < 2 \                       $2 % 10 < 2 \
                         { print "Root umask is other writeable" }' >> $OUTPUT                          { print "Root umask is other writable" }' >> $OUTPUT
                 SAVE_PATH=$PATH                  SAVE_PATH=$PATH
                 unset PATH                  unset PATH
                 /bin/csh -f -s << end-of-csh > /dev/null 2>&1                  /bin/csh -f -s << end-of-csh > /dev/null 2>&1
Line 162 
Line 162 
                         }                          }
                      }                       }
                      $1 ~ /^d....w/ \                       $1 ~ /^d....w/ \
         { print "Root path directory " $10 " is group writeable." } \          { print "Root path directory " $10 " is group writable." } \
                      $1 ~ /^d.......w/ \                       $1 ~ /^d.......w/ \
         { print "Root path directory " $10 " is other writeable." }' \          { print "Root path directory " $10 " is other writable." }' \
                 < $TMP1 >> $OUTPUT                  < $TMP1 >> $OUTPUT
         fi          fi
 done  done
Line 190 
Line 190 
                 fi                  fi
                 egrep umask $i |                  egrep umask $i |
                 awk '$2 % 100 < 20 \                  awk '$2 % 100 < 20 \
                         { print "Root umask is group writeable" } \                          { print "Root umask is group writable" } \
                      $2 % 10 < 2 \                       $2 % 10 < 2 \
                         { print "Root umask is other writeable" }' >> $OUTPUT                          { print "Root umask is other writable" }' >> $OUTPUT
                 SAVE_PATH=$PATH                  SAVE_PATH=$PATH
                 SAVE_ENV=$ENV                  SAVE_ENV=$ENV
                 unset PATH ENV                  unset PATH ENV
Line 215 
Line 215 
                         }                          }
                      }                       }
                      $1 ~ /^d....w/ \                       $1 ~ /^d....w/ \
         { print "Root path directory " $10 " is group writeable." } \          { print "Root path directory " $10 " is group writable." } \
                      $1 ~ /^d.......w/ \                       $1 ~ /^d.......w/ \
         { print "Root path directory " $10 " is other writeable." }' \          { print "Root path directory " $10 " is other writable." }' \
                 < $TMP1 >> $OUTPUT                  < $TMP1 >> $OUTPUT
   
         fi          fi
Line 242 
Line 242 
         if [ -s $i ] ; then          if [ -s $i ] ; then
                 egrep umask $i |                  egrep umask $i |
                 awk '$2 % 100 < 20 \                  awk '$2 % 100 < 20 \
                         { print "Root umask is group writeable" } \                          { print "Root umask is group writable" } \
                      $2 % 10 < 2 \                       $2 % 10 < 2 \
                         { print "Root umask is other writeable" }' >> $OUTPUT                          { print "Root umask is other writable" }' >> $OUTPUT
                 if egrep PATH= $i > /dev/null ; then                  if egrep PATH= $i > /dev/null ; then
                         SAVE_PATH=$PATH                          SAVE_PATH=$PATH
                         unset PATH                          unset PATH
Line 265 
Line 265 
                                 }                                  }
                             }                              }
                             $1 ~ /^d....w/ \                              $1 ~ /^d....w/ \
                 { print "Root path directory " $10 " is group writeable." } \                  { print "Root path directory " $10 " is group writable." } \
                             $1 ~ /^d.......w/ \                              $1 ~ /^d.......w/ \
                 { print "Root path directory " $10 " is other writeable." }' \                  { print "Root path directory " $10 " is other writable." }' \
                         < $TMP1 >> $OUTPUT                          < $TMP1 >> $OUTPUT
                 fi                  fi
   
Line 360 
Line 360 
 awk '$1 != $4 && $4 != "root" \  awk '$1 != $4 && $4 != "root" \
         { print "user " $1 " home directory is owned by " $4 }          { print "user " $1 " home directory is owned by " $4 }
      $2 ~ /^-....w/ \       $2 ~ /^-....w/ \
         { print "user " $1 " home directory is group writeable" }          { print "user " $1 " home directory is group writable" }
      $2 ~ /^-.......w/ \       $2 ~ /^-.......w/ \
         { print "user " $1 " home directory is other writeable" }' > $OUTPUT          { print "user " $1 " home directory is other writable" }' > $OUTPUT
 if [ -s $OUTPUT ] ; then  if [ -s $OUTPUT ] ; then
         echo "\nChecking home directories."          echo "\nChecking home directories."
         cat $OUTPUT          cat $OUTPUT
Line 387 
Line 387 
      $3 ~ /^-......r/ \       $3 ~ /^-......r/ \
         { print "user " $1 " " $2 " file is other readable" }          { print "user " $1 " " $2 " file is other readable" }
      $3 ~ /^-....w/ \       $3 ~ /^-....w/ \
         { print "user " $1 " " $2 " file is group writeable" }          { print "user " $1 " " $2 " file is group writable" }
      $3 ~ /^-.......w/ \       $3 ~ /^-.......w/ \
         { print "user " $1 " " $2 " file is other writeable" }' > $OUTPUT          { print "user " $1 " " $2 " file is other writable" }' > $OUTPUT
   
 # Files that should not be owned by someone else or writeable.  # Files that should not be owned by someone else or writeable.
 list=".bashrc .bash_profile .bash_login .bash_logout .cshrc \  list=".bashrc .bash_profile .bash_login .bash_logout .cshrc \
Line 410 
Line 410 
 awk '$1 != $5 && $5 != "root" \  awk '$1 != $5 && $5 != "root" \
         { print "user " $1 " " $2 " file is owned by " $5 }          { print "user " $1 " " $2 " file is owned by " $5 }
      $3 ~ /^-....w/ \       $3 ~ /^-....w/ \
         { print "user " $1 " " $2 " file is group writeable" }          { print "user " $1 " " $2 " file is group writable" }
      $3 ~ /^-.......w/ \       $3 ~ /^-.......w/ \
         { print "user " $1 " " $2 " file is other writeable" }' >> $OUTPUT          { print "user " $1 " " $2 " file is other writable" }' >> $OUTPUT
 if [ -s $OUTPUT ] ; then  if [ -s $OUTPUT ] ; then
         echo "\nChecking dot files."          echo "\nChecking dot files."
         cat $OUTPUT          cat $OUTPUT
Legend:
Removed from v.1.53  
changed lines
  Added in v.1.54