Bug#1766: Bug in script checksecurity in package cron
I have a problem with the script checksecurity, which
apparently come with cron. The problem is with the lines that
generate the /var/log/setuid.today file (patch follows).
Explanation: The mount | grep -v command is the problem for
anyone who has more than one partitions mounted; the script actually
tries to run find with multiple starting points (which is an error),
like find dir1 dir2 dir3 -xdev ... The solution is to look at all
the directories discovered by the mount snippet and examine each in a
for loop. (This has been one of my more incoherent explanations; feel
free to mail me for clarifications).
Also, I think one should exclude all mounted systems of type
msdos (If nothing else, it save time).
__> dpkg -S checksecurity
> diff -u -B -b -w /usr/sbin/checksecurity.dist /usr/sbin/checksecurity
--- /usr/sbin/checksecurity.dist Wed Sep 20 20:52:12 1995
+++ /usr/sbin/checksecurity Thu Oct 19 11:05:23 1995
@@ -10,10 +10,9 @@
-find `mount | grep -vE ' type (proc|iso9660) |^/dev/fd| on /mnt' | cut -d ' ' -f 3` \
- -xdev \( -type f -perm +06000 -o -type b -o -type c \) -ls \
- | sort >$TMP
+for dir in `mount | grep -vE ' type (proc|iso9660|msdos) |^/dev/fd| on /mnt' | cut -d ' ' -f 3`; do
+ /usr/bin/find $dir -xdev \( -type f -perm +06000 -o -type b -o -type c \) -ls ;
+done | sort >$TMP
if ! cmp -s $LOG/setuid.today $TMP >/dev/null
-- ...difference of opinion is advantageious in religion. The several
sects perform the office of a common censor morum over each other.
Is uniformity attainable? Millions of innocent men, women, and
children, since the introduction of Christianity, have been burnt,
tortured, fined, imprisoned; yet we have not advanced one inch
towards uniformity. Thomas Jefferson, "Notes on Virginia"
Manoj Srivastava Project Pilgrim, Department of Computer Science
Phone: (413) 545-3918 A143B Lederle Graduate Research Center
Fax: (413) 545-1249 University of Massachusetts, Amherst, MA 01003