elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-06-24 03:24:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix race condition on /etc/passwd, /etc/shadow and /etc/group

Browse Source
This commit is contained in:
Thibault Ayanides
2020-11-16 14:09:12 +01:00
parent 501ce8c651
commit fbd26ceefa
14 changed files with 21 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bin/hardening/6.2.11_find_user_forward_files.sh
View File

@ -19,7 +19,7 @@ FILENAME='.forward'
# This function will be called if the script status is on enabled / audit mode
audit () {
for DIR in $(cat /etc/passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
debug "Working on $DIR"
for FILE in $DIR/$FILENAME; do
if [ ! -h "$FILE" -a -f "$FILE" ]; then