diff options
Diffstat (limited to 'eg/scan/scan_passwd')
| -rw-r--r-- | eg/scan/scan_passwd | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/eg/scan/scan_passwd b/eg/scan/scan_passwd new file mode 100644 index 0000000000..62ef1e7794 --- /dev/null +++ b/eg/scan/scan_passwd @@ -0,0 +1,30 @@ +#!/usr/bin/perl + +# $Header: scan_passwd,v 2.0 88/06/05 00:17:49 root Exp $ + +# This scans passwd file for security holes. + +open(Pass,'/etc/passwd') || die "Can't open passwd file"; +# $dotriv = (`date` =~ /^Mon/); +$dotriv = 1; + +while (<Pass>) { + ($login,$pass,$uid,$gid,$gcos,$home,$shell) = split(/:/); + if ($shell eq '') { + print "Short: $_"; + } + next if /^[+]/; + if ($pass eq '') { + if (index(":sync:lpq:+:", ":$login:") < 0) { + print "No pass: $login\t$gcos\n"; + } + } + elsif ($dotriv && crypt($login,substr($pass,0,2)) eq $pass) { + print "Trivial: $login\t$gcos\n"; + } + if ($uid == 0) { + if ($login !~ /^.?root$/ && $pass ne '*') { + print "Extra root: $_"; + } + } +} |