head	1.2;
access;
symbols
	RELENG_4_11_0_RELEASE:1.1.1.1
	RELENG_4_11:1.1.1.1.0.20
	RELENG_4_11_BP:1.1.1.1
	RELENG_4_10_0_RELEASE:1.1.1.1
	RELENG_4_10:1.1.1.1.0.18
	RELENG_4_10_BP:1.1.1.1
	RELENG_4_9_0_RELEASE:1.1.1.1
	RELENG_4_9:1.1.1.1.0.16
	RELENG_4_9_BP:1.1.1.1
	RELENG_4_8_0_RELEASE:1.1.1.1
	RELENG_4_8:1.1.1.1.0.14
	RELENG_4_8_BP:1.1.1.1
	RELENG_4_7_0_RELEASE:1.1.1.1
	RELENG_4_7:1.1.1.1.0.12
	RELENG_4_7_BP:1.1.1.1
	RELENG_4_6_2_RELEASE:1.1.1.1
	RELENG_4_6_1_RELEASE:1.1.1.1
	RELENG_4_6_0_RELEASE:1.1.1.1
	RELENG_4_6:1.1.1.1.0.10
	RELENG_4_6_BP:1.1.1.1
	v5_006_01:1.1.1.1
	RELENG_4_5_0_RELEASE:1.1.1.1
	RELENG_4_5:1.1.1.1.0.8
	RELENG_4_5_BP:1.1.1.1
	RELENG_4_4_0_RELEASE:1.1.1.1
	RELENG_4_4:1.1.1.1.0.6
	RELENG_4_4_BP:1.1.1.1
	RELENG_4_3_0_RELEASE:1.1.1.1
	RELENG_4_3:1.1.1.1.0.4
	RELENG_4_3_BP:1.1.1.1
	RELENG_4_2_0_RELEASE:1.1.1.1
	RELENG_4_1_1_RELEASE:1.1.1.1
	PRE_SMPNG:1.1.1.1
	RELENG_4_1_0_RELEASE:1.1.1.1
	v5_006:1.1.1.1
	RELENG_4_0_0_RELEASE:1.1.1.1
	RELENG_4:1.1.1.1.0.2
	RELENG_4_BP:1.1.1.1
	v5_005_03:1.1.1.1
	LWALL:1.1.1;
locks; strict;
comment	@# @;


1.2
date	2002.05.16.10.07.51;	author markm;	state dead;
branches;
next	1.1;

1.1
date	99.05.02.14.19.12;	author markm;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	99.05.02.14.19.12;	author markm;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Perl is no longer in base. Long live the port!
@
text
@#!/usr/bin/perl -P

# $RCSfile: scan_suid,v $$Revision: 4.1 $$Date: 92/08/07 17:20:43 $

# Look for new setuid root files.

chdir '/usr/adm/private/memories' || die "Can't cd to memories: $!\n";

($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,
   $blksize,$blocks) = stat('oldsuid');
if ($nlink) {
    $lasttime = $mtime;
    $tmp = $ctime - $atime;
    if ($tmp <= 0 || $tmp >= 10) {
	print "WARNING: somebody has read oldsuid!\n";
    }
    $tmp = $ctime - $mtime;
    if ($tmp <= 0 || $tmp >= 10) {
	print "WARNING: somebody has modified oldsuid!!!\n";
    }
} else {
    $lasttime = time - 60 * 60 * 24;	# one day ago
}
$thistime = time;

#if defined(mc300) || defined(mc500) || defined(mc700)
open(Find, 'find / -perm -04000 -print |') ||
	die "scan_find: can't run find";
#else
open(Find, 'find / \( -fstype nfs -prune \) -o -perm -04000 -ls |') ||
	die "scan_find: can't run find";
#endif

open(suid, '>newsuid.tmp');

while (<Find>) {

#if defined(mc300) || defined(mc500) || defined(mc700)
    $x = `/bin/ls -il $_`;
    $_ = $x;
    s/^ *//;
    ($inode,$perm,$links,$owner,$group,$size,$month,$day,$time,$name)
      = split;
#else
    s/^ *//;
    ($inode,$blocks,$perm,$links,$owner,$group,$size,$month,$day,$time,$name)
      = split;
#endif

    if ($perm =~ /[sS]/ && $owner eq 'root') {
	($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,
	   $blksize,$blocks) = stat($name);
	$foo = sprintf("%10s%3s %-8s %-8s%9s %3s %2s %s %s\n",
		$perm,$links,$owner,$group,$size,$month,$day,$name,$inode);
	print suid $foo;
	if ($ctime > $lasttime) {
	    if ($ctime > $thistime) {
		print "Future file: $foo";
	    }
	    else {
		$ct .= $foo;
	    }
	}
    }
}
close(suid);

print `sort +7 -8 newsuid.tmp >newsuid 2>&1`;
$foo = `/bin/diff oldsuid newsuid 2>&1`;
print "Differences in suid info:\n",$foo if $foo;
print `mv oldsuid oldoldsuid 2>&1; mv newsuid oldsuid 2>&1`;
print `touch oldsuid 2>&1;sleep 2 2>&1;chmod o+w oldsuid 2>&1`;
print `rm -f newsuid.tmp 2>&1`;

@@ct = split(/\n/,$ct);
$ct = '';
$* = 1;
while ($#ct >= 0) {
    $tmp = shift(@@ct);
    unless ($foo =~ "^>.*$tmp\n") { $ct .= "$tmp\n"; }
}

print "Inode changed since last time:\n",$ct if $ct;

@


1.1
log
@Initial revision
@
text
@@


1.1.1.1
log
@Maintenance releace 3 of perl5.005. Includes support for threads.
@
text
@@
