3 # $RCSfile: scan_passwd,v $$Revision: 4.1 $$Date: 92/08/07 17:20:38 $
5 # This scans passwd file for security holes.
7 open(Pass,'/etc/passwd') || die "Can't open passwd file: $!\n";
8 # $dotriv = (`date` =~ /^Mon/);
12 ($login,$pass,$uid,$gid,$gcos,$home,$shell) = split(/:/);
18 if (index(":sync:lpq:+:", ":$login:") < 0) {
19 print "No pass: $login\t$gcos\n";
22 elsif ($dotriv && crypt($login,substr($pass,0,2)) eq $pass) {
23 print "Trivial: $login\t$gcos\n";
26 if ($login !~ /^.?root$/ && $pass ne '*') {
27 print "Extra root: $_";