#!/bin/sh -
#
-# $OpenBSD: security,v 1.14 1996/12/06 17:17:13 millert Exp $
+# $OpenBSD: security,v 1.15 1996/12/06 17:51:49 millert Exp $
# from: @(#)security 8.1 (Berkeley) 6/9/93
#
}
if (NF != 10)
printf("Line %d has the wrong number of fields.\n", NR);
- if ($1 ~ /^[+-].*$/)
+ if ($1 ~ /^[+-]/)
next;
if ($1 == "")
printf("Line %d has an empty login field.\n", NR);
printf("Login %s has more than 8 characters.\n", $1);
if ($2 == "")
printf("Login %s has no password.\n", $1);
- if (length($2) != 13 && ($10 ~ /.*sh$/ || $10 == ""))
+ if ((length($2) != 13 && ($10 ~ /.*sh$/ || $10 == "")) && system("for i in .rhosts .shosts .klogin ; do test -s "$9"/$i -a ! -O "$9"/$i && exit 1 ; done ; exit 0") != 0)
printf("Login %s is off but still has a valid shell.\n", $1);
if ($3 == 0 && $1 != "root")
printf("Login %s has a user id of 0.\n", $1);
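Review bot: The new `system()` call on the `length($2) != 13` line pastes field 9 of the password file into an sh command line with no quoting or validation. It is also reached for lines the `NF != 10` check has just reported as malformed, because that check prints without a `next`. A home directory containing whitespace or shell metacharacters would be parsed by sh with whatever privileges this script runs under (presumably root), so test `$9` against a conservative pattern such as `/^\/[A-Za-z0-9._\/-]*$/` before calling `system()`, and report non-matching entries instead of handing them to the shell. The message still reads only "is off but still has a valid shell" although the condition now also depends on the rhosts/shosts/klogin test, so a comment above the `if` explaining that would help. The awk program starts and ends outside this hunk.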
umaskset=no
list="/etc/csh.cshrc /etc/csh.login ${rhome}/.cshrc ${rhome}/.login"
for i in $list ; do
- if [ -f $i ] ; then
+ if [ -s $i ] ; then
if egrep umask $i > /dev/null ; then
umaskset=yes
fi
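Review bot: `[ -s $i ]` is true for any non-empty path, including a directory, so replacing `-f` instead of adding to it drops the regular-file check before `egrep umask $i` runs. Only stdout of that egrep is redirected, so an error on a non-regular path may end up in the report output. Consider `if [ -f $i -a -s $i ] ; then` here, and the same in the `${rhome}/.profile` loop and the `.rhosts`/`.shosts` loop further down. The `for` loop continues outside the hunk.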
umaskset=no
list="${rhome}/.profile"
for i in $list; do
- if [ -f $i ] ; then
+ if [ -s $i ] ; then
if egrep umask $i > /dev/null ; then
umaskset=yes
fi
while read uid homedir; do
for j in .rhosts .shosts; do
# Root owned .rhosts/.shosts files are ok.
- if [ -f ${homedir}/$j -a ! -O ${homedir}/$j ] ; then
+ if [ -s ${homedir}/$j -a ! -O ${homedir}/$j ] ; then
rhost=`ls -ldgT ${homedir}/$j`
printf "$uid: $rhost\n"
fi
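Review bot: The comment `# Root owned .rhosts/.shosts files are ok.` above the changed test no longer describes the whole condition, since zero-length files are now skipped as well. Suggest `# Root owned or empty .rhosts/.shosts files are ok.`, with a note that `-O` compares against the effective uid of the process, so "root owned" holds only when the script runs as root. The awk check changed earlier in this commit also tests `.klogin`, while this loop lists only `.rhosts .shosts`; worth confirming that difference is intentional. The `while` loop starts and ends outside the hunk.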