forked from ports/contrib
61 lines
1.4 KiB
Bash
61 lines
1.4 KiB
Bash
#!/bin/sh -
|
|
#
|
|
# $OpenBSD: security,v 1.68 2004/08/25 19:59:29 millert Exp $
|
|
# from: @(#)security 8.1 (Berkeley) 6/9/93
|
|
|
|
# I borrowed excerpts from the OpenBSD-script security for use on
|
|
# Linux. Although the file doesn't explicitly mention it consider
|
|
# the script BSD-licensed.
|
|
#
|
|
# If you get problems with this script don't bother the people
|
|
# from OpenBSD. And don't bother me either. :p
|
|
|
|
PATH=/bin:/usr/bin:/sbin:/usr/sbin
|
|
|
|
FILESYSTEMS="ext2 ext3 xfs jfs reiserfs hfs hpfs"
|
|
|
|
umask 077
|
|
|
|
BACKUPSDIR=/var/backups
|
|
SHADOW=/etc/shadow
|
|
|
|
if ! DIR=$(mktemp -d /tmp/_secure.XXXXXXXXXX) ; then
|
|
echo "Can't create TEMPFILE, /etc/security didn't run!!!"
|
|
exit 1
|
|
fi
|
|
|
|
ERR=$DIR/_secure1
|
|
TMP1=$DIR/_secure2
|
|
TMP2=$DIR/_secure3
|
|
TMP3=$DIR/_secure4
|
|
LIST=$DIR/_secure5
|
|
OUTPUT=$DIR/_secure6
|
|
|
|
trap 'rm -rf $DIR' 0 1 2 3 13 15
|
|
|
|
# Make a list a paths to exclude in the locate run
|
|
|
|
excludes="! (" or=""
|
|
for fstype in $FILESYSTEMS
|
|
do
|
|
excludes="$excludes $or -fstype $fstype"
|
|
or="-or"
|
|
done
|
|
excludes="$excludes ) -prune"
|
|
|
|
# case X"$PRUNEPATHS" in
|
|
# X) ;;
|
|
# *) for path in $PRUNEPATHS
|
|
# do
|
|
# excludes="$excludes -or -path $path -prune"
|
|
# done;;
|
|
# esac
|
|
|
|
|
|
find $PWD $excludes -type f -perm -0002 > $TMP1 2>&1
|
|
if [ -s $TMP1 ]; then
|
|
echo 'These files are world-writeable!!'
|
|
echo '---------------------------------'
|
|
cat $TMP1
|
|
fi
|