version 1.13, 1996/11/30 17:50:58 |
version 1.14, 1996/12/06 17:17:13 |
|
|
# Check for special users with .rhosts/.shosts files. Only root |
# Check for special users with .rhosts/.shosts files. Only root |
# should have .rhosts/.shosts files. Also, .rhosts/.shosts |
# should have .rhosts/.shosts files. Also, .rhosts/.shosts |
# files should not have plus signs. |
# files should not have plus signs. |
awk -F: '$1 != "root" && $1 !~ /^[+-].*$/ && \ |
awk -F: '$1 != "root" && $1 !~ /^[+-]/ && \ |
($3 < 100 || $1 == "ftp" || $1 == "uucp") \ |
($3 < 100 || $1 == "ftp" || $1 == "uucp") \ |
{ print $1 " " $6 }' /etc/passwd | |
{ print $1 " " $6 }' /etc/passwd | |
while read uid homedir; do |
while read uid homedir; do |
for j in .rhosts .shosts; do |
for j in .rhosts .shosts; do |
if [ -f ${homedir}/$j ] ; then |
# Root owned .rhosts/.shosts files are ok. |
|
if [ -f ${homedir}/$j -a ! -O ${homedir}/$j ] ; then |
rhost=`ls -ldgT ${homedir}/$j` |
rhost=`ls -ldgT ${homedir}/$j` |
printf "$uid: $rhost\n" |
printf "$uid: $rhost\n" |
fi |
fi |
|
|
cat $OUTPUT |
cat $OUTPUT |
fi |
fi |
|
|
awk -F: '{ print $1 " " $6 }' /etc/passwd | \ |
awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \ |
while read uid homedir; do |
while read uid homedir; do |
for j in .rhosts .shosts; do |
for j in .rhosts .shosts; do |
if [ -s ${homedir}/$j ] ; then |
if [ -s ${homedir}/$j ] ; then |
|
|
|
|
# Check home directories. Directories should not be owned by someone else |
# Check home directories. Directories should not be owned by someone else |
# or writeable. |
# or writeable. |
awk -F: '{ if ($1 !~ /^[+-].*$/) print $1 " " $6 }' /etc/passwd | \ |
awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \ |
while read uid homedir; do |
while read uid homedir; do |
if [ -d ${homedir}/ ] ; then |
if [ -d ${homedir}/ ] ; then |
file=`ls -ldgT ${homedir}` |
file=`ls -ldgT ${homedir}` |
|
|
|
|
# Files that should not be owned by someone else or readable. |
# Files that should not be owned by someone else or readable. |
list=".netrc .rhosts .shosts" |
list=".netrc .rhosts .shosts" |
awk -F: '{ print $1 " " $6 }' /etc/passwd | \ |
awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \ |
while read uid homedir; do |
while read uid homedir; do |
for f in $list ; do |
for f in $list ; do |
file=${homedir}/${f} |
file=${homedir}/${f} |
|
|
# Files that should not be owned by someone else or writeable. |
# Files that should not be owned by someone else or writeable. |
list=".bashrc .cshrc .emacs .exrc .forward .klogin .login .logout \ |
list=".bashrc .cshrc .emacs .exrc .forward .klogin .login .logout \ |
.profile .tcshrc" |
.profile .tcshrc" |
awk -F: '{ print $1 " " $6 }' /etc/passwd | \ |
awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \ |
while read uid homedir; do |
while read uid homedir; do |
for f in $list ; do |
for f in $list ; do |
file=${homedir}/${f} |
file=${homedir}/${f} |
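Review bot: The new condition `[ -f ${homedir}/$j -a ! -O ${homedir}/$j ]` in the first loop implements "root owned" with `-O`, which tests ownership by the effective UID of the running process, so the skip matches its comment only when the script runs as root (nothing on this page shows that). Both `-f` and `-O` follow symbolic links, so a link in a special account's home directory whose target is root-owned also drops out of the report; an extra `-h` test would keep such entries visible. I would put the assumption into the comment, e.g. `# Files owned by root are ok (-O tests the effective UID, so this assumes the script runs as root).`, and quote the path operands while splitting the obsolescent `-a`: `if [ -f "${homedir}/$j" ] && [ ! -O "${homedir}/$j" ]; then`. The enclosing `while`/`for` loops close outside the visible hunk, so how `$OUTPUT` is populated cannot be checked from here.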