blob: 58f9fcd69d40f4dbe99d2bdd6a55de0e18142b6c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
#!/usr/bin/perl
# $RCSfile: scan_passwd,v $$Revision: 1.3 $$Date: 1999/04/29 22:51:21 $
# This scans passwd file for security holes.
open(Pass,'/etc/passwd') || die "Can't open passwd file: $!\n";
# $dotriv = (`date` =~ /^Mon/);
$dotriv = 1;
while (<Pass>) {
($login,$pass,$uid,$gid,$gcos,$home,$shell) = split(/:/);
if ($shell eq '') {
print "Short: $_";
}
next if /^[+]/;
if ($pass eq '') {
if (index(":sync:lpq:+:", ":$login:") < 0) {
print "No pass: $login\t$gcos\n";
}
}
elsif ($dotriv && crypt($login,substr($pass,0,2)) eq $pass) {
print "Trivial: $login\t$gcos\n";
}
if ($uid == 0) {
if ($login !~ /^.?root$/ && $pass ne '*') {
print "Extra root: $_";
}
}
}
|