Sheldon Hearn
450f806ba3
Ignore NIS accounts when checking for passwordless accounts.
...
PR: 9639
Reported by: Bob Willcox <bob@pmr.com>
Submitted by: des
1999-06-23 14:23:54 +00:00
Daniel O'Callaghan
b7fe2b6dab
Fix typo: "login failures" -> "login failure"
...
PR: 9424
Submitted by: Lars K*ller <root@cc.fh-lippe.de>
1999-01-10 11:18:59 +00:00
Bill Fumerola
54724311ee
Make periodic(8) and the security mailings reflect the full FQDN, as opposed
...
to a hostname. This will help those who keep a cluster of machines all with
the same hostname but different domain names.
PR: bin/9091
Submitted By: Heikki Suonsivu <hsu@clinet.fi>
No Response From: -current mailing list
1999-01-01 17:37:33 +00:00
Dag-Erling Smørgrav
9338e8728b
Fix typo in previous commit.
...
PR: 7621
Submitted by: Mark Huizer
1998-08-16 10:38:02 +00:00
Dag-Erling Smørgrav
9a29cee2bd
Make /etc/security bitch about passwordless accounts.
...
Use awk -F: rather than 'BEGIN {FS=":"}'
1998-08-11 08:48:54 +00:00
Alexander Langer
e375f2fa06
Detect user id 0 as a number instead of a string. String comparisons
...
fail to detect 00.
PR: 7218
Submitted by: Michal Listos <mcl@Amnesiac.123.org>
Niall Smart <rotel@indigo.ie>
1998-07-08 22:42:08 +00:00
Andreas Klemm
abbfb2cedc
additionally warnings
...
- login failures
- tcp_wrapper messages about refused connections
1998-06-27 11:13:59 +00:00
Alexander Langer
31ea9a843a
Display ipfw rules which have reached the log limit.
1998-02-04 01:53:19 +00:00
Alexander Langer
ba6f0e79c2
Changed ipfw grep string: reject rules are now listed as deny, reset,
...
or unreach.
1997-09-26 01:38:30 +00:00
Brian Somers
1d554918e8
Remove the annoying "cmp: EOF" message when
...
dmesg changes.
1997-08-01 01:25:21 +00:00
Mike Pritchard
27117f574e
Remove the -g option from the "find ... | xargs -ls ..." line.
...
The -g option to ls has been depreciated.
1997-03-03 07:03:50 +00:00
Mike Pritchard
ba565fa6ce
When looking for setuid files, call find with -print0 and xargs with -0.
...
This allows find to pass files with "illegal" characters to xargs in a
safe manner.
Note: due to the manner in which the file names are now passed between
find and xargs, the files are now sorted differently than before.
The first /etc/security run after installing this change may result
in a lot of output when nothing did in fact change.
Closes PR# 1910.
2.2 candidate.
1997-02-23 21:34:34 +00:00
Peter Wemm
79403fe300
Revert $FreeBSD$ to $Id$
1997-02-23 09:21:14 +00:00
Jordan K. Hubbard
1130b656e5
Make the long-awaited change from $Id$ to $FreeBSD$
...
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Nate Williams
c79a9ab9e5
Whoops, update the comment field while we're at it. (I *hate* the link
...
to freefall!)
1996-10-12 04:56:28 +00:00
Nate Williams
7387fdc643
In the same manner that we log the ipfw entries, log the kernel log
...
messages using the output of dmesg.
1996-10-12 04:51:09 +00:00
Paul Traina
c733dcc306
Move intermediary file generation to /var partition
1996-07-31 06:47:05 +00:00
Alexander Langer
ef1b941ad5
If ipfw is enabled, display packet/byte counters for reject/deny rules
...
that have changed since the last security check.
Make the spacing between sections more consistent.
1996-06-30 19:35:20 +00:00
Peter Wemm
80ed784ffa
If a local ufs filesystem is mounted "nosuid", dont scan it as part of
...
the /etc/security setuid checks. This is useful for things like large
news spool partitions that dont have executables.
Reviewed by: pst
1996-06-30 13:16:21 +00:00
Andrey A. Chernov
32d67daa2b
Exclude devices. Character ones modes changes often and proper names
...
guessing involves too much AI.
1996-04-19 22:28:01 +00:00
Andrey A. Chernov
86d34adf67
Use -X to be xargs-friendly
...
Check devices too, follow original BSD intention
Find only executable files with s-bits, close PR bin/1022
Reset locale to C to have equal results in any case
1996-04-18 10:34:07 +00:00
Andrey A. Chernov
44436d27fe
If no $LOG/setuid.today exists (f.e. first time to run), put
...
warning and make it, all following commands fails in old case
1995-09-15 00:22:31 +00:00
Andrey A. Chernov
ec25d6d6aa
Use -b for diff, ls produce different number of spaces
1995-05-27 01:37:44 +00:00
Andreas Schulz
ccca965b89
Fix a bug, that someone has introduced into /etc/security. It has no longer
...
found SUID files, only SGID files. The find has missed some parantheses.
1995-01-14 13:23:50 +00:00
Rodney W. Grimes
e15e6084f6
From: rich@lamprey.UTMB.EDU (Rich Murphey)
...
Subject: Re: daily insecurity output (fwd)
|From: rgrimes@agora.rain.com (Rodney Grimes)
|
|This is from the new /etc/security script. I no longer get the segmentation
|violation, but now the arg list is too long, some /bin/sh program want to
|fix the current /etc/security ls command so that it is a pipe insteal of
|a back quoted arg?
|
|> checking setuid files and devices:
|> /etc/security: ls: argument list too long
This uses xargs instead. My slip line's down so I can't check it in
at the moment. Rich
1994-01-22 10:54:13 +00:00
Rich Murphey
266e2ce03d
When listing all suid and sgid files list the file itself rather than
...
directorty contents.
1993-12-15 06:42:01 +00:00
Rodney W. Grimes
352c89cfb5
Reworked the search for suid sgid programs to be more like the original and
...
only to run find on local file systems. It now works and no longer gets
the error from sort
1993-10-25 20:13:16 +00:00
Rodney W. Grimes
f45e18ea60
Fixed so that it scans for set uid/gid files. From Rich Murphy and NetBSD,
...
plus some tid bits from me.
1993-09-06 23:12:04 +00:00
Rodney W. Grimes
fb7cd0676b
Fixed daily so that it no longer does accounting since FreeBSD does not
...
yet have the accounting stuff in it. Disabled ncheck search in security
due to missing ncheck.
1993-08-07 09:58:37 +00:00
Rodney W. Grimes
1bf9d5d951
Initial import of 386BSD 0.1 othersrc/etc
1993-06-20 13:41:45 +00:00