security.d/chk_mailbox@8ba6a0e2d2ca
security.d/chk_mailbox
Sat, 31 Mar 2007 13:32:06 +0200
- author
- mbse
- date
- Sat, 31 Mar 2007 13:32:06 +0200
- changeset 0
- 8ba6a0e2d2ca
- child 14
- 59e07bba67cc
- permissions
- -rw-r--r--
Initial revision
#!/bin/bash # # $Id$ # ############################################################################# # Copyright (C) 2005-2007 # # Michiel Broek <mbse@mbse.eu> # Beekmansbos 10 # 1971 BV IJmuiden # the Netherlands # # This file is part of SlackSecCheckSripts. # # This package is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2, or (at your option) any # later version. # # SlackSecCheckSripts is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MBSE BBS; see the file COPYING. If not, write to the Free # Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. ############################################################################# PATH=/sbin:/usr/sbin:/bin:/usr/bin umask 077 TZ=UTC; export TZ LANG=C; export LANG SECUREDIR=`mktemp -d /tmp/_securedir.XXXXXX` || exit 1 trap "/bin/rm -rf $SECUREDIR ; exit 0" EXIT INT QUIT PIPE if ! cd "$SECUREDIR"; then echo "Can not cd to $SECUREDIR". exit 1 fi OUTPUT=secure1.$$ # Mailboxes should be owned by user and unreadable. # /bin/ls -l /var/spool/mail | \ awk ' NR == 1 { next; } $3 != $9 { printf "\tUser %s mailbox is owned by %s.\n", $9, $3 } $1 != "-rw-rw----" || $4 != "mail" { printf "\tUser %s mailbox is %s, group %s.\n", $9, $1, $4 }' > $OUTPUT if [ -s $OUTPUT ] ; then printf "\nChecking mailbox ownership.\n" cat $OUTPUT fi
