Wednesday 18 September 2013

Find unauthorized SUID and SGID system executables

The administrator should ensure that no rogue set-UID programs have been introduced into the system. In addition, if possible, the administrator should attempt a set-UID audit and reduction. To list the SUID and SGID executables on the local ext2 and ext3 filesystems, run the following script:
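#!/bin/bash
# Walk every ext2/ext3 mount point listed in /etc/fstab.
for part in $(awk '($3 == "ext2" || $3 == "ext3") { print $2 }' /etc/fstab)
do
    # -xdev stays on this filesystem; -04000 matches SUID, -02000 matches SGID.
    find "$part" -xdev \( -perm -04000 -o -perm -02000 \) -type f -print
done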
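
For the audit step, the list only becomes useful once it is compared with a set of approved files. The following is an added example, not part of the original post: it reuses the same find test and prints only the files missing from a baseline. The function names, the baseline file format (one approved path per line) and the sample tree are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: flag SUID/SGID files that are not in an approved baseline.

# list_setid DIR...: print SUID/SGID regular files under each DIR, sorted.
# Same find test as the script above; -xdev stays on one filesystem.
list_setid() {
    find "$@" -xdev \( -perm -04000 -o -perm -02000 \) -type f -print 2>/dev/null |
        LC_ALL=C sort
}

# unauthorized_setid BASELINE DIR...: print files found now that are absent
# from BASELINE (hypothetical format: one approved path per line).
unauthorized_setid() {
    baseline=$1
    shift
    # Test FILENAME rather than NR == FNR so an empty baseline still works.
    list_setid "$@" |
        awk 'FILENAME == ARGV[1] { ok[$0]; next } !($0 in ok)' "$baseline" -
}

# make_demo_tree: build a constructed sample tree and baseline, print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/bin"
    : > "$d/bin/approved_tool"   # constructed: SUID, listed in the baseline
    : > "$d/bin/rogue_tool"      # constructed: SUID, not in the baseline
    : > "$d/bin/plain_tool"      # constructed: no special bits
    chmod 4755 "$d/bin/approved_tool" "$d/bin/rogue_tool"
    chmod 0755 "$d/bin/plain_tool"
    printf '%s\n' "$d/bin/approved_tool" > "$d/baseline.txt"
    printf '%s\n' "$d"
}

# Demo on the constructed tree only; nothing on the real system is scanned.
demo=$(make_demo_tree)
echo "Unauthorized SUID/SGID files under $demo/bin:"
unauthorized_setid "$demo/baseline.txt" "$demo/bin"
rm -rf "$demo"
```

On a real system, pass the mount points that the awk command above extracts from /etc/fstab as the directories, and keep the baseline file somewhere only root can write.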
