Bash:如何检查是否只有一个 root id 并且所有用户 UID 都是唯一的?
[英]Bash: how to check if there is only one root id and all user UIDs are unique?
问题描述
我在这里有这个 bash 脚本,我试图修改它以检查是否只有一个 root id,它是否容易受到攻击,目前,这个脚本只检查是否有重复的 uid 并显示共享相同 uid 的用户。 提前致谢! :)
Bash 脚本:
#!/bin/bash
/bin/cat /etc/passwd| /bin/cut -f3 -d":" | /bin/sort -n | /usr/bin/uniq-c | while
read x ; do
[ -z "${x}" ] && break
set -$x
if [ $1 -gt1 ]; then
users=`/bin/gawk -F: '($3 == n) { print $1 }' n=$2 /etc/passwd| /usr/bin/xargs`
echo "Duplicate UID ($2): ${users}"
fi
done
预期输出:
Audit criteria: There is only one root id
Vulnerability: Yes
Details: See below
root:!:0:0::/:/usr/bin/bash
jdoe:*:0:1:John Doe:/home/jdoe:/usr/bin/bash
2 个解决方案
解决方案1
0 2017-01-22 08:06:04
您可以大大简化脚本,因为您要查找的只是用户 ID 0,即 root:
#!/bin/bash
root_count=$(cut -f3 -d":" /etc/passwd | grep -wc 0)
if [[ $root_count > 1 ]]; then
users=$(awk -F: '($3 == 0) { print $1 }' /etc/passwd | xargs)
echo "Duplicate roots: ${users}"
fi
解决方案2
0 2017-01-26 07:11:00
您可以使用awk来找出awk :
if ! awk -F: '$3==0{c++}END{exit !(c<2)}' /etc/passwd ; then
echo "More than one user with uid 0"
fi
Bash - 如何检查一个文件中的id字符串是否在另一个文件的id范围策略中?
[英]Bash - How to check if an id string in one file is in an id range policy in another file?
如何检测哪个用户已从一台服务器登录到另一台服务器(仅root用户访问权限)
[英]How to detect which user has logged from one server to another(root access only)
如何在RedHat的bash脚本中输入密码而不切换到root用户
[英]how to switch to root user without entering password in bash script on RedHat
如何 cron 需要 root 用户访问权限才能运行的 bash 脚本
[英]How to cron a bash script which requires root user access to run
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.