History log of /freebsd-9.3-release/etc/periodic/security/100.chksetuid
Revision Date Author Comments
# 267654 19-Jun-2014 gjb

Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

# 225736 22-Sep-2011 kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by: re (implicit)


# 175906 02-Feb-2008 des

Eliminate xargs in favor of find -exec {} +


# 175890 02-Feb-2008 des

Rewrite to consume significantly less memory, by using find -s instead of
find | sort. As a bonus, this simplifies the logic considerably. Also
remove the bogus "overruning the args to ls" comment and the corresponding
"-n 20" argument to xargs; the whole point with xargs is precisely that it
knows how large the argument list can safely get.

Note that the first run of the updated script may hypothetically produce
false positives due to differences between find's and sort's sorting
algorithm. I haven't seen this during testing, but others might.

MFC after: 2 weeks


# 173873 23-Nov-2007 ru

Also check setuid executables on ZFS.


# 140186 13-Jan-2005 glebius

Don't do setuid checks on file systems mounted with noexec option.

Reviewed by: brian, ru
MFC after: 1 week


# 105936 25-Oct-2002 thomas

Factor out code across various /etc/periodic/security scripts into a
separate file, /etc/periodic/security/security.functions.

Reviewed by: roberto (mentor)
Approved by: re@


# 103903 24-Sep-2002 ache

Make it work with POSIX sort (POS arg).
All old sorts understand -k too.


# 102398 25-Aug-2002 cjc

Only create a temporary file if we are actually going to do something
in the script. Eliminates a bug where we create a temp file, but don't
delete it since the rm(1) is only done if the check is enabled.

PR: bin/40960
Submitted by: frf <frf@xocolatl.com>
MFC after: 3 days


# 101281 03-Aug-2002 gshapiro

If all file systems are marked nosuid, the line:

MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`

sets ${MP} to an empty string so the next line:

set ${MP}

actually just dumps all of the shell's variables to stdout (and therefore
the security report). Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.

Reviewed by: brian
MFC after: 3 days
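
Added example (not part of the FreeBSD commit or of 100.chksetuid itself): the failure described in revision 101281, reproduced offline next to the guarded form the commit message describes. The function names, the SECRET_MARKER variable and the sample mount(8) lines are constructed for this illustration.

```shell
#!/bin/sh
# Added illustration: all names and sample data below are constructed.

# Constructed `mount -t ufs` output in which every file system is nosuid.
ALL_NOSUID='/dev/ad0s1a on / (ufs, local, nosuid)
/dev/ad0s1d on /usr (ufs, local, nosuid, soft-updates)'

# Constructed output in which /usr still honours setuid bits.
MIXED='/dev/ad0s1a on / (ufs, local, nosuid)
/dev/ad0s1d on /usr (ufs, local, soft-updates)'

# Same filter as the pipeline quoted in the commit message, fed from a
# string instead of a live mount(8) call so that it runs anywhere.
mount_points() {
    printf '%s\n' "$1" | grep -v " nosuid" | awk '{ print $3 }' | sort
}

# Behaviour before the fix: `set ${MP}` is run unconditionally. When ${MP}
# is empty, `set` receives no operands and prints every shell variable,
# so the whole environment of the script lands in the report.
unguarded() (
    SECRET_MARKER=constructed-secret-value
    MP=$(mount_points "$1")
    set ${MP}
    echo "mounts: $*"
)

# Behaviour after the fix: ${MP} is tested for the empty string first.
guarded() (
    SECRET_MARKER=constructed-secret-value
    MP=$(mount_points "$1")
    if [ -n "${MP}" ]; then
        set ${MP}
        echo "mounts: $*"
    fi
)

echo "unguarded, all nosuid: $(unguarded "$ALL_NOSUID" | wc -l) report lines"
echo "guarded, all nosuid:   $(guarded "$ALL_NOSUID" | wc -l) report lines"
```

The same guard applies to any script that feeds command output to `set`: an empty expansion turns an assignment of positional parameters into a variable dump.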


# 96805 17-May-2002 brian

Tighten up temporary file permissions and move them to ${TMPDIR:-/tmp}

Problem reported by: lumpy <lumpy@the.whole.net>
MFC after: 3 days


# 96048 04-May-2002 cjc

Remove leading whitespace from the setuid file lists.

Due to the way we run ls(1), through xargs(1), the leading whitespace
can change even when the setuid files haven't. To avoid displaying
these lines, we currently run diff(1) with the '-w' option. However,
this is probably not the ideal way to go; there is a very, very small
possibility for diff(1) to miss things it shouldn't. So, with the
leading space cleaned, we can revert to the '-b' option which is
"safer."

PR: conf/37618
Reviewed by: brian
MFC after: 3 days


# 87514 07-Dec-2001 cjc

Long ago, there was just /etc/daily. Then /etc/security was split out
of /etc/daily. Some time later, /etc/daily became a set of periodic(8)
scripts. Now, this evolution continues, and /etc/security has been
broken into periodic(8) scripts to make local customization easier and
more maintainable.

Reviewed by: ru
Approved by: ru