Fri, 26 Dec 2014 11:43:45 +0100
Added a Makefile, version 0.22
#!/bin/bash # ############################################################################# # Copyright (C) 2005-2014 # # Michiel Broek <mbse at mbse.eu> # # This file is part of SlackSecCheckScripts. # # This package is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2, or (at your option) any # later version. # # SlackSecCheckScripts is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MBSE BBS; see the file COPYING. If not, write to the Free # Software Foundation, 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. ############################################################################# PATH=/sbin:/usr/sbin:/bin:/usr/bin umask 077 TZ=UTC; export TZ LANG=C; export LANG SECUREDIR=$(mktemp -d /tmp/_securedir.XXXXXX) || exit 1 trap "/bin/rm -rf $SECUREDIR ; exit 0" EXIT INT QUIT PIPE if ! cd "$SECUREDIR"; then echo "Can not cd to $SECUREDIR". exit 1 fi backup_dir=/var/cache/sscs mkdir -p "$backup_dir" CURR=${backup_dir}/setid.current BACK=${backup_dir}/setid.backup TMP1=$SECUREDIR/tmp1 TMP2=$SECUREDIR/tmp2 TMP3=$SECUREDIR/tmp3 FSS=$( egrep "^\/dev\/| tmpfs" /etc/mtab | awk '{ print $2 }' ) if [ ! -f $CURR ]; then # No database, install new database find $FSS \( -mount \( -perm -u+s -a ! -type d \) -o \( -perm -g+s -a ! -type d \) \) -print0 2>/dev/null | \ xargs -0r /bin/ls -ld --full-time | sort -k9 > $CURR exit fi # Database is present, create temp database # find $FSS \( -mount \( -perm -u+s -a ! -type d \) -o \( -perm -g+s -a ! -type d \) \) -print0 2>/dev/null | \ xargs -0r /bin/ls -ld --full-time | sort -k9 > $TMP1 changed=0 diff $TMP1 $CURR > $TMP2 if [ -s $TMP2 ]; then egrep '>' $TMP2 > $TMP3 if [ -s $TMP3 ]; then printf "\nOld or updated setuid or setgid files:\n" cat $TMP3 | tr '>' ' ' fi egrep '<' $TMP2 > $TMP3 if [ -s $TMP3 ]; then printf "\nNew or updated setuid or setgid files:\n" cat $TMP3 | tr '<' ' ' fi changed=1 fi # If changes were seen, update the database # if [ "$changed" == "1" ]; then cat $CURR > $BACK cat $TMP1 > $CURR fi