Re: rlinetd security
>From Dale Southard on Tuesday, 19 June, 2001:
Hrm. That could be rather easy to implement. The guaranteed
way to see if something's going to be started or not, though,
is still /etc/rc?.d
If you want to, you can replace them and create an easy
script, such as
--/sbin/chkdconfig--
#!/bin/bash
#returns 1 if daemon is enabled, 0 otherwise.
if [ -z "$1" ]; then
echo "Error: No daemon process specified"
exit 0;
fi
configfile=/etc/checkdconfig
line=`grep -i "^$1=" $configfile 2>/dev/null | head -1`
if [ $? -ne 0 ]; then
#No such line existed. Return 0.
fi
setting=`echo $line | sed 's/^.*=//'`;
setting=`echo $setting | perl -we '$_ = <STDIN>; s/\s+//g; print;'`
case "$setting" in
'on'|'ON'|'On'|'oN'|'yes'|'YES'|'Yes'|'YEs'|'yEs'|'yES'|'yeS'|'1')
exit 1
;;
*)
exit 0
;;
esac
exit 0
--end chkdconfig--
please, no comments on my perl or bash-scripting (lack of) abilities. ;)
All that would then remain is to alter the rc scripts to check chkconfig
and to NOT populate it with daemon=value lines. :)
-Joseph
--
Joseph==============================================jap3003@ksu.edu
"IBM were providing source code in the 1960's under similar terms.
VMS source code was available under limited licenses to customers
from the beginning. Microsoft are catching up with 1960."
--Alan Cox, http://www2.usermagnet.com/cox/index.html
Reply to: