What should go into a security-checking shell script?
John F. Haugh II
jfh at rpp386.cactus.org
Tue Oct 24 14:11:57 AEST 1989
In article <363 at nisca.ircc.ohio-state.edu> bernstei at hpuxa.ircc.ohio-state.edu (Dan Bernstein) writes:
>The title is self-explanatory. I'll try to archive all responses.
>
> Subject: Re: What should go into a security-checking shell script?
The real question is what can you afford to not put into your
shell script?
shell is too clumsy for something as important as a security
checking program. There was a little file scanner posted some time
back that can be used as a nice start.
Most of the inode is security-relevant. Owner, group, mode, size
and modification time are all important. The checksum and file
format may also be interesting, so the ability to specify a per-file
checking program is desirable.
--
John F. Haugh II +-Things you didn't want to know:------
VoiceNet: (512) 832-8832 Data: -8835 | The real meaning of EMACS is ...
InterNet: jfh at rpp386.cactus.org | ... EMACS makes a computer slow.
UUCPNet: {texbell|bigtex}!rpp386!jfh +--<><--<><--<><--<><--<><--<><--<><---
More information about the Comp.unix.wizards
mailing list