=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/etc/Attic/security,v retrieving revision 1.10 retrieving revision 1.11 diff -c -r1.10 -r1.11 *** src/etc/Attic/security 1996/09/20 20:35:37 1.10 --- src/etc/Attic/security 1996/10/22 07:58:30 1.11 *************** *** 1,6 **** #!/bin/sh - # ! # $OpenBSD: security,v 1.10 1996/09/20 20:35:37 bitblt Exp $ # PATH=/sbin:/usr/sbin:/bin:/usr/bin --- 1,6 ---- #!/bin/sh - # ! # $OpenBSD: security,v 1.11 1996/10/22 07:58:30 tholo Exp $ # PATH=/sbin:/usr/sbin:/bin:/usr/bin *************** *** 357,362 **** --- 357,364 ---- if [ -f /etc/exports ]; then # File systems should not be globally exported. awk '{ + if ($1 ~ /^#/) + next; readonly = 0; for (i = 2; i <= NF; ++i) { if ($i ~ /-ro/) *************** *** 379,385 **** pending="\nChecking setuid/setgid files and devices:\n" (find / \( ! -fstype local -o -fstype fdesc -o -fstype kernfs \ -o -fstype procfs \) -a -prune -o \ ! -type f -a \( -perm -u+s -o -perm -g+s \) -print -o \ ! -type d -a ! -type f -a ! -type l -a ! -type s -ls | \ sort > $LIST) 2> $OUTPUT --- 381,387 ---- pending="\nChecking setuid/setgid files and devices:\n" (find / \( ! -fstype local -o -fstype fdesc -o -fstype kernfs \ -o -fstype procfs \) -a -prune -o \ ! -type f -a \( -perm -u+s -o -perm -g+s \) -ls -o \ ! -type d -a ! -type f -a ! -type l -a ! -type s -ls | \ sort > $LIST) 2> $OUTPUT *************** *** 392,398 **** fi # Display any changes in the setuid file list. ! egrep -v '^[bc]' $LIST > $TMP1 if [ -s $TMP1 ] ; then # Check to make sure uudecode isn't setuid. if grep -w uudecode $TMP1 > /dev/null ; then --- 394,400 ---- fi # Display any changes in the setuid file list. ! egrep -v '^[0-9]+ +[0-9]+ +[bc]' $LIST > $TMP1 if [ -s $TMP1 ] ; then # Check to make sure uudecode isn't setuid. if grep -w uudecode $TMP1 > /dev/null ; then *************** *** 408,414 **** : else > $TMP2 ! 
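Review bot: A `#` that appears after the first field is still scanned by the option loop below the added `next`, so text in a trailing comment that contains `-ro` would mark the export as read-only and hide a globally writable export from this report. Whether exports(5) permits trailing comments should be confirmed. If it does, the loop could stop at the first such field with `if ($i ~ /^#/) break;`. The awk program continues past the end of this hunk, so the rest of the rule is not visible here.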
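Review bot: The new filter `'^[0-9]+ +[0-9]+ +[bc]'` is anchored to a digit in column one, but `find -ls` commonly right-aligns the inode column, which would leave leading blanks on lines with short inode numbers. Those device lines would then slip into $TMP1 and be reported as setuid entries. Allowing optional leading blanks, `egrep -v '^ *[0-9]+ +[0-9]+ +[bc]' $LIST > $TMP1`, avoids depending on the padding. A short comment naming the three leading columns (inode, blocks, mode) would also help the next reader.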
join -110 -210 -v2 $CUR $TMP1 > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid additions:\n" pending= --- 410,416 ---- : else > $TMP2 ! join -112 -212 -v2 $CUR $TMP1 > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid additions:\n" pending= *************** *** 416,422 **** printf "\n" fi ! join -110 -210 -v1 $CUR $TMP1 > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid deletions:\n" pending= --- 418,424 ---- printf "\n" fi ! join -112 -212 -v1 $CUR $TMP1 > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid deletions:\n" pending= *************** *** 424,430 **** printf "\n" fi ! sort +9 $TMP2 $CUR $TMP1 | \ sed -e 's/[ ][ ]*/ /g' | uniq -u > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid changes:\n" --- 426,432 ---- printf "\n" fi ! sort +11 $TMP2 $CUR $TMP1 | \ sed -e 's/[ ][ ]*/ /g' | uniq -u > $OUTPUT if [ -s $OUTPUT ] ; then printf "${pending}Setuid changes:\n" *************** *** 450,457 **** >$TMP1 DISKLIST="dk fd hd hk hp jb kra ra rb rd rl rx xd rz sd up wd vnd ccd" for i in $DISKLIST; do ! egrep "^b.*/${i}[0-9][0-9]*[a-h]$" $LIST >> $TMP1 ! egrep "^c.*/r${i}[0-9][0-9]*[a-h]$" $LIST >> $TMP1 done awk '$3 != "root" || $4 != "operator" || $1 !~ /.rw-r-----/ \ --- 452,459 ---- >$TMP1 DISKLIST="dk fd hd hk hp jb kra ra rb rd rl rx xd rz sd up wd vnd ccd" for i in $DISKLIST; do ! egrep "^b.*/${i}[0-9][0-9]*[a-p]$" $LIST >> $TMP1 ! egrep "^c.*/r${i}[0-9][0-9]*[a-p]$" $LIST >> $TMP1 done awk '$3 != "root" || $4 != "operator" || $1 !~ /.rw-r-----/ \
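Review bot: `join` needs both inputs ordered on the join field, yet the `find ... | sort > $LIST` pipeline earlier in this commit orders whole `-ls` records, which now begin with the inode number rather than the path. Unless $TMP1 is re-sorted in lines not shown, `join -112 -212` can miss matching entries and produce wrong addition and deletion lists. The same applies to the `-v1` join in the next hunk, and `sort +11` in the hunk after that relies on the same field number. Sorting on the path when the list is built, for example `sort +11 > $LIST`, would keep the inputs consistent. The field number also assumes a fixed column count, so a path containing blanks is compared only by its first word, and a $CUR baseline written by the previous revision (path in field 10) presumably has to be regenerated; a comment such as `# field 12 = path in find -ls output` would record that dependency.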
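Review bot: The two disk patterns still anchor the device type at column one (`^b.*`, `^c.*`), while the setuid filter changed in this same commit expects the inode and block columns to come first in $LIST. If the device lines carry those columns, these patterns match nothing and the disk-permission check silently passes. Consider `egrep "^ *[0-9]+ +[0-9]+ +b.*/${i}[0-9][0-9]*[a-p]$" $LIST >> $TMP1` and the matching line for `c`. The awk test that follows reads mode, owner and group from `$1`, `$3` and `$4` and would need the same shift; it continues outside the hunk.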