
Diff for /src/etc/Attic/security between version 1.13 and 1.14

version 1.13, 1996/11/30 17:50:58 version 1.14, 1996/12/06 17:17:13
Line 246 
Line 246 
 # Check for special users with .rhosts/.shosts files.  Only root  # Check for special users with .rhosts/.shosts files.  Only root
 # should have .rhosts/.shosts files.  Also, .rhosts/.shosts  # should have .rhosts/.shosts files.  Also, .rhosts/.shosts
 # files should not have plus signs.  # files should not have plus signs.
 awk -F: '$1 != "root" && $1 !~ /^[+-].*$/ && \  awk -F: '$1 != "root" && $1 !~ /^[+-]/ && \
         ($3 < 100 || $1 == "ftp" || $1 == "uucp") \          ($3 < 100 || $1 == "ftp" || $1 == "uucp") \
                 { print $1 " " $6 }' /etc/passwd |                  { print $1 " " $6 }' /etc/passwd |
 while read uid homedir; do  while read uid homedir; do
         for j in .rhosts .shosts; do          for j in .rhosts .shosts; do
                 if [ -f ${homedir}/$j ] ; then                  # Root owned .rhosts/.shosts files are ok.
                   if [ -f ${homedir}/$j -a ! -O ${homedir}/$j ] ; then
                         rhost=`ls -ldgT ${homedir}/$j`                          rhost=`ls -ldgT ${homedir}/$j`
                         printf "$uid: $rhost\n"                          printf "$uid: $rhost\n"
                 fi                  fi
Line 262 
Line 263 
         cat $OUTPUT          cat $OUTPUT
 fi  fi
   
 awk -F: '{ print $1 " " $6 }' /etc/passwd | \  awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
 while read uid homedir; do  while read uid homedir; do
         for j in .rhosts .shosts; do          for j in .rhosts .shosts; do
                 if [ -s ${homedir}/$j ] ; then                  if [ -s ${homedir}/$j ] ; then
Line 283 
Line 284 
   
 # Check home directories.  Directories should not be owned by someone else  # Check home directories.  Directories should not be owned by someone else
 # or writeable.  # or writeable.
 awk -F: '{ if ($1 !~ /^[+-].*$/) print $1 " " $6 }' /etc/passwd | \  awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
 while read uid homedir; do  while read uid homedir; do
         if [ -d ${homedir}/ ] ; then          if [ -d ${homedir}/ ] ; then
                 file=`ls -ldgT ${homedir}`                  file=`ls -ldgT ${homedir}`
Line 303 
Line 304 
   
 # Files that should not be owned by someone else or readable.  # Files that should not be owned by someone else or readable.
 list=".netrc .rhosts .shosts"  list=".netrc .rhosts .shosts"
 awk -F: '{ print $1 " " $6 }' /etc/passwd | \  awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
 while read uid homedir; do  while read uid homedir; do
         for f in $list ; do          for f in $list ; do
                 file=${homedir}/${f}                  file=${homedir}/${f}
Line 326 
Line 327 
 # Files that should not be owned by someone else or writeable.  # Files that should not be owned by someone else or writeable.
 list=".bashrc .cshrc .emacs .exrc .forward .klogin .login .logout \  list=".bashrc .cshrc .emacs .exrc .forward .klogin .login .logout \
       .profile .tcshrc"        .profile .tcshrc"
 awk -F: '{ print $1 " " $6 }' /etc/passwd | \  awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
 while read uid homedir; do  while read uid homedir; do
         for f in $list ; do          for f in $list ; do
                 file=${homedir}/${f}                  file=${homedir}/${f}
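Review bot: In the Line 246 hunk, the added test `[ -f ${homedir}/$j -a ! -O ${homedir}/$j ]` means "root owned" only while the script runs with effective uid 0, because `-O` compares the file's owner with the caller's effective uid. That assumption is not visible in the hunk and should be stated, e.g. `# -O compares against our euid; this check assumes the script runs as root.` Both `-f` and `-O` follow symbolic links, so a link in a special account's home that resolves to a root-owned file is skipped without a report; consider reporting links explicitly with a `-h` test. The expansions are also unquoted and joined with the ambiguous `-a`, and a safer spelling is `if [ -f "${homedir}/$j" ] && [ ! -O "${homedir}/$j" ]; then`. The enclosing `while read` loop closes outside the hunk, and the same unquoted `${homedir}` appears in the Line 263, 284, 304 and 327 hunks.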
