Path: utzoo!attcan!uunet!seismo!sundc!pitstop!sun!decwrl!labrea!rutgers!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: eggert@sm.unisys.com (Paul Eggert)
Newsgroups: comp.sys.sun
Subject: ``ncheck -s'' sometimes misses security-relevant files
Message-ID: <2358@kalliope.rice.edu>
Date: 16 Dec 88 18:54:40 GMT
Sender: usenet@rice.edu
Organization: Sun-Spots
Lines: 14
Approved: Sun-Spots@rice.edu
Original-Date: Fri, 9 Dec 88 15:02:16 PST
X-Sun-Spots-Digest: Volume 7, Issue 61, message 5 of 12

The Sun Security Features Guide (Part #800-1735-10, 9 May 1988, p. 52)
recommends that ``ncheck -s'' be used periodically to scan filesystems for
security-relevant files.  Unfortunately, ``ncheck -s'' has an internal
limit on the number of files that it reports.  If a filesystem has many
such files, ``ncheck -s'' sometimes silently fails to report some of them.
In SunOS 4.0, where a server's filesystem contains all its clients'
devices, the limit is easily exceeded.  The following SunOS 4.0 shell
command yields all the information that ``ncheck -s'' yields, and can be
used as a workaround.

find mount_point -xdev \
     \( -type b -o -type c -o ! -type d \( -perm -4000 -o -perm -2000 \) \) -ls

[[ It's just a little slower (even if ncheck worked correctly).  --wnl ]]