What should go into a security-checking shell script?
Wm E Davidsen Jr
davidsen at crdos1.crd.ge.COM
Wed Oct 25 06:43:48 AEST 1989
If you mean a script to be run regularly looking for problems, here
are a few things to look for:
1. any world writable directory (eliminate the obvious,
or just look in user space).
2. any world writable setuid program!
3. Any setuid program (again eliminate the usual system stuff)
4. Check critical programs with length and 2 CRC programs, one
of which is not sum. Write your own, as long as it's not
the same as sum. Check against a protected list.
--
bill davidsen (davidsen at crdos1.crd.GE.COM -or- uunet!crdgw1!crdos1!davidsen)
"The world is filled with fools. They blindly follow their so-called
'reason' in the face of the church and common sense. Any fool can see
that the world is flat!" - anon
More information about the Comp.unix.wizards
mailing list