142328Sbostic#!/bin/sh - 242328Sbostic# 3*52215Sbostic# @(#)security 5.8 (Berkeley) 01/16/92 442328Sbostic# 542328SbosticPATH=/sbin:/bin:/usr/bin 642328Sbostic 752151Sbostichost=`hostname` 842328Sbosticecho "Subject: $host security check output" 942328Sbostic 10*52215Sbosticumask 22 11*52215Sbostic 1242328SbosticLOG=/var/log 13*52215SbosticTMP1=/tmp/_secure1.$$ 14*52215SbosticTMP2=/tmp/_secure2.$$ 1542328Sbostic 1652151Sbosticecho "" 1752143Sbosticecho "Checking setuid files and devices:" 18*52215Sbostic(find / \( ! -fstype local \) -a -prune -o \( -perm -u+s -o -perm -g+s \ 19*52215Sbostic -o ! -type d -a ! -type f -a ! -type l \) | sort >$TMP1) 2>$TMP2 2042328Sbostic 21*52215Sbosticif [ -s $TMP2 ] ; then 22*52215Sbostic echo "$host setuid/device find errors:" 23*52215Sbostic cat $TMP2 24*52215Sbostic echo ""; echo "" 2542328Sbosticfi 2642328Sbostic 27*52215Sbosticif cmp $LOG/setuid.today $TMP1 >/dev/null; then :; else 28*52215Sbostic echo "$host setuid/device additions:" 29*52215Sbostic ls -lgT `join -v1 $LOG/setuid.today $TMP1` 30*52215Sbostic echo ""; echo "" 31*52215Sbostic echo "$host setuid/device deletions:" 32*52215Sbostic ls -lgT `join -v2 $LOG/setuid.today $TMP1` 33*52215Sbostic 34*52215Sbostic mv $LOG/setuid.current $LOG/setuid.backup 35*52215Sbostic mv $TMP1 $LOG/setuid.current 36*52215Sbosticfi 37*52215Sbosticrm -f $TMP1 $TMP2 38*52215Sbostic 3942328Sbosticecho "" 4042328Sbosticecho "" 4152143Sbosticecho "Checking for uids of 0:" 4242328Sbosticawk 'BEGIN {FS=":"} $3=="0" {print $1,$3}' /etc/master.passwd 43