HPE Community
Operating System - HP-UX
1847104 Members
5519 Online
110263 Solutions
New Discussion

Re: Checking scripts security

 
SOLVED
Go to solution
Mihails Nikitins
Super Advisor

‎08-01-2000 11:29 PM

‎08-01-2000 11:29 PM

Checking scripts security

Hello,

Using 3rd party or freeware shell scripts is always a security issue.
Please recommend me another script that warns about all suspicious commands inside the script being checked ('rm -f', 'kill', etc.). I would not like re-ivent the wheel.

Many thanks in advance!
KISS - Keep It Simple Stupid
0 Kudos
Reply
4 REPLIES 4
Tim Malnati
Honored Contributor

‎08-02-2000 06:19 AM

‎08-02-2000 06:19 AM

Solution

Re: Checking scripts security

I would suggest that where you obtain this type of code is your first line of defense. The HP Porting Center at http://hpux.cs.utah.edu/ and the mirrors to this in other countries are a solid source of freeware that exists in the communty. Most freeware of any value tends to end up here. In most cases the code has been completely ported to various versions of HPUX (fully compiled and ready to run) and is in use by a somewhat wide group of HP users. Obviously, no freeware is guaranteed, but I have found the applications and utilities to be very reliable from this source.

The second line of defence would be to lock down the directories that are part of the systemwide path (see /etc/PATH). In my mind nobody other than root should typically be modifying anything here. There is a variety of software out there to detect changes to this environment as wells (COPS, etc). The places to watch in particular are /usr/local, /usr/contrib, and /opt. I don't know of any security software that performs a search of shell script coding, but hopefully what I've stated here is of some use.
Reply
Rick Garland
Honored Contributor

‎08-02-2000 07:00 AM

‎08-02-2000 07:00 AM

Re: Checking scripts security

Entries I would like to include are traps so the user cannot break out of a script. If a user is in a captive menu or application and that app allows, say a break as example, trap it so the user cannot get shell prompt
0 Kudos
Reply
Anthony Goonetilleke
Esteemed Contributor

‎08-02-2000 08:49 PM

‎08-02-2000 08:49 PM

Re: Checking scripts security

If you are waooried about security what you probably should be more concerned about is SUID files, I mean people cannot really do an rm on files owned by root or another user etc.

Run something like this

find . ( -perm -004000 -o -perm -002000 ) -type f -print -exec ls -l {} ;

and probably check for files with bad permissions i.e 777 etc...
Minimum effort maximum output!
0 Kudos
Reply
Mihails Nikitins
Super Advisor

‎08-02-2000 11:15 PM

‎08-02-2000 11:15 PM

Re: Checking scripts security

Thanks to all of you, your answers are very helpful. The question was inspired by the recent discussion "System Inventory Script needed". Such scripts require to be run from an account with root privilleges. So, I should consider all security aspects before running them on a mission-critical system. I guess the best security policy is not to run any staff that does not come directly from HP. :)
KISS - Keep It Simple Stupid
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.