Commit | Line | Data |
378cc40b |
1 | #!/usr/bin/perl |
2 | |
fe14fcc3 |
3 | # $Header: scan_passwd,v 4.0 91/03/20 01:13:18 lwall Locked $ |
378cc40b |
4 | |
5 | # This scans passwd file for security holes. |
6 | |
a687059c |
7 | open(Pass,'/etc/passwd') || die "Can't open passwd file: $!\n"; |
378cc40b |
8 | # $dotriv = (`date` =~ /^Mon/); |
9 | $dotriv = 1; |
10 | |
11 | while (<Pass>) { |
12 | ($login,$pass,$uid,$gid,$gcos,$home,$shell) = split(/:/); |
13 | if ($shell eq '') { |
14 | print "Short: $_"; |
15 | } |
16 | next if /^[+]/; |
17 | if ($pass eq '') { |
18 | if (index(":sync:lpq:+:", ":$login:") < 0) { |
19 | print "No pass: $login\t$gcos\n"; |
20 | } |
21 | } |
22 | elsif ($dotriv && crypt($login,substr($pass,0,2)) eq $pass) { |
23 | print "Trivial: $login\t$gcos\n"; |
24 | } |
25 | if ($uid == 0) { |
26 | if ($login !~ /^.?root$/ && $pass ne '*') { |
27 | print "Extra root: $_"; |
28 | } |
29 | } |
30 | } |