1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
#!/bin/sh
#
# tiger - A UN*X security checking system
# Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
# Please see the file `COPYING' for the complete copyright notice.
#
# sub/check_sgid - 11/12/93
#
#-----------------------------------------------------------------------------
# This script is not runnable directly.
#
inputfile="$1"
[ "$CONFIGURED_ALREADY" != "YES" ] && {
echo "--ERROR-- [init008e] This script can not be run directly."
exit 1
}
. $BASEDIR/initdefs
#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
haveallcmds RM FILECMD SGREP LS STRINGS SORT COMM CAT AWK || exit 1
haveallfiles BASEDIR WORKDIR SUID_LIST || exit 1
echo "--CONFIG-- [init003c] $0: Configuration ok..."
exit 0
}
#------------------------------------------------------------------------
echo
echo "# Checking setgid executables..."
haveallfiles BASEDIR WORKDIR || exit 1
#[ -n "$TigerCheckEmbedded" -a "x$Tiger_Embed_Check_SGID" = 'xY' ] && {
# while read file
# do
# $LS -lLd "$file" 2>/dev/null | {
# read p l owner rest
# [ "$owner" = root ] && echo "$file" >> $TigerCheckEmbedded
# }
# done
#}
haveallcmds FILECMD LS SGREP STRINGS && {
while read file
do
$FILECMD "$file" 2>/dev/null | $SGREP script 2>/dev/null && {
message WARN fsys010w "" "File $file is a setgid script:"
$LS $LSGROUP -ld "$file"
}
# $STRINGS - "$file" 2>/dev/null |
# $SGREP '\.\./' 2>/dev/null && {
# $SGREP "$file" $REL_FILE_EXCP 2>/dev/null || {
# message WARN fsys002w "" "setuid program $file has relative pathnames."
# }
# }
done < $inputfile
echo
}
haveallcmds SORT COMM CAT && {
if [ -n "$SGID_LIST" -a -s "$SGID_LIST" ]; then
$SORT $SGID_LIST |
$COMM -23 $inputfile - > $WORKDIR/sgid.list.$$
else
message CONFIG fsys003c "" 'No setgid list... listing all setgid files'
$CAT $inputfile > $WORKDIR/sgid.list.$$
fi
}
haveallcmds LS AWK && {
[ -s $WORKDIR/sgid.list.$$ ] && {
message INFO fsys011i "" 'The following setgid programs are non-standard:'
while read file
do
$LS $LSGROUP -ld "$file"
done < $WORKDIR/sgid.list.$$ |
$AWK '{printf("%10s %-8s %-8s %s\n", $1, $3, $4, $NF);}' |
$SORT
echo
}
}
#
# Try to locate setuid copies of any executables we have signatures
# for.
#
haveallcmds SORT AWK COMM GREP LS SNEFRU &&
haveallfiles SIGNATURE_FILE && {
$SORT $inputfile > $WORKDIR/sgid.$$
$AWK '{print $3}' $SIGNATURE_FILE |
$SORT |
$COMM -13 - $WORKDIR/sgid.$$ |
while read file
do
loc_signature=
case "$p1$p2$p3$p4$p5$p6$p7$p8" in
*[!0-9a-f]*) {
std_signature="$p1"
comment="$p2 $p3 $p4 $p5 $p6 $p7 $p8 $comment"
[ -n "$MD5" ] && loc_signature="`$MD5 < $file`"
}
;;
*) {
std_signature=" $p1 $p2 $p3 $p4 $p5 $p6 $p7 $p8"
[ -n "$SNEFRU" ] && loc_signature="`$SNEFRU < $file`"
}
;;
esac
[ -n "$loc_signature" ] && {
$GREP "$loc_signature" $SIGNATURE_FILE | {
read flag msgid rfile p1 p2 p3 p4 p5 p6 p7 p8 comment
[ -n "$rfile" -a "$file" != "$rfile" ] && {
message ALERT sgid001a "" "\`$file' is a setgid copy of $rfile [$comment]."
$LS -ld $LSGROUP $file
}
}
}
done
}
delete $WORKDIR/sgid.list.$$ $WORKDIR/sgid.$$
|
