Subject: Re: security/9320: /etc/security output incorrect report about
To: None <gnats-bugs@gnats.netbsd.org>
From: Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
List: netbsd-bugs
Date: 01/31/2000 09:23:02
Oops. This fix may be a little bit better.
--
Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
--- security.orig Sun Jan 16 13:37:20 2000
+++ security Mon Jan 31 09:19:52 2000
@@ -187,15 +187,16 @@
list="/etc/csh.cshrc /etc/csh.login ${rhome}/.cshrc ${rhome}/.login"
for i in $list ; do
if [ -f $i ] ; then
- if egrep umask $i > /dev/null ; then
+ if sed -n -e '/^#/d' -e '/umask/p' $i > /dev/null ; then
umaskset=yes
fi
- egrep umask $i |
- awk '$2 % 100 < 20 \
- { print "\tRoot umask is group writeable" }
- $2 % 10 < 2 \
- { print "\tRoot umask is other writeable" }' \
- >> $OUTPUT
+ awk '/^#/ { next } \
+ /umask/ { \
+ if ($2 % 100 < 20) \
+ {print "\tRoot umask is group writeable"} \
+ else if ($2 % 10 < 2) \
+ {print "\tRoot umask is other writeable"} \
+ }' $i >> $OUTPUT
SAVE_PATH=$PATH
unset PATH
/bin/csh -f -s << end-of-csh > /dev/null 2>&1
@@ -232,15 +233,16 @@
list="/etc/profile ${rhome}/.profile"
for i in $list; do
if [ -f $i ] ; then
- if egrep umask $i > /dev/null ; then
+ if sed -n -e '/^#/d' -e '/umask/p' $i > /dev/null ; then
umaskset=yes
fi
- egrep umask $i |
- awk '$2 % 100 < 20 \
- { print "\tRoot umask is group writeable" } \
- $2 % 10 < 2 \
- { print "\tRoot umask is other writeable" }' \
- >> $OUTPUT
+ awk '/^#/ { next } \
+ /umask/ { \
+ if ($2 % 100 < 20) \
+ {print "\tRoot umask is group writeable"} \
+ else if ($2 % 10 < 2) \
+ {print "\tRoot umask is other writeable"} \
+ }' $i >> $OUTPUT
SAVE_PATH=$PATH
unset PATH
/bin/sh << end-of-sh > /dev/null 2>&1