#!/usr/bin/perl -T
-# $OpenBSD: security,v 1.24 2014/03/23 22:08:15 sthen Exp $
+# $OpenBSD: security,v 1.25 2014/04/20 22:15:49 ajacoutot Exp $
#
# Copyright (c) 2011, 2012 Ingo Schwarze <schwarze@openbsd.org>
# Copyright (c) 2011 Andrew Fresh <andrew@afresh1.com>
}
}
-# Files that should not have + signs.
-sub check_hosts_equiv {
- foreach my $base (qw(hosts.equiv shosts.equiv hosts.lpd)) {
- my $filename = "/etc/$base";
- next unless -s $filename;
- nag !(open my $fh, '<', $filename),
- "open: $filename: $!"
- and next;
- nag /^\+/ && !/^\+@/,
- "Plus sign in $filename file."
- while <$fh>;
- close $fh;
- }
+# hosts.lpd should not have + signs.
+sub check_hosts_lpd {
+ my $filename = '/etc/hosts.lpd';
+ -s $filename or return;
+ nag !(open my $fh, '<', $filename), "open: $filename: $!" and return;
+ nag /^\+/ && !/^\+@/,
+ "Plus sign in $filename file."
+ while <$fh>;
+ close $fh;
}
sub find_homes {
$check_title = "Checking configuration files:";
check_mail_aliases;
check_hostname_if;
-check_hosts_equiv;
+check_hosts_lpd;
$check_title = "Checking for special users with .rhosts/.shosts files.";
my $homes = find_homes;
check_rhosts_owner @$_ foreach @$homes;
-.\" $OpenBSD: security.8,v 1.22 2014/03/23 22:08:59 sthen Exp $
+.\" $OpenBSD: security.8,v 1.23 2014/04/20 22:15:49 ajacoutot Exp $
.\"
.\" David Leonard, 2001. Public Domain.
.\"
-.Dd $Mdocdate: March 23 2014 $
+.Dd $Mdocdate: April 20 2014 $
.Dt SECURITY 8
.Os
.Sh NAME
Check for suspicious commands in
.Pa /etc/mail/aliases .
.It
-Check for insecurities in various trust files such as
-.Pa /etc/hosts.equiv , /etc/shosts.equiv ,
-and
+Check for insecurities in
.Pa /etc/hosts.lpd .
.It
Check user
projects / openbsd / commitdiff