From owner-FreeBSD-users-jp@jp.FreeBSD.org Sun Jun  9 04:19:23 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g58JJNS70592;
	Sun, 9 Jun 2002 04:19:23 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from localhost (localhost [::1])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet6 id g58JJMW70587
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Sun, 9 Jun 2002 04:19:22 +0900 (JST)
	(envelope-from matsu@jp.FreeBSD.org)
Date: Sun, 09 Jun 2002 04:19:22 +0900 (JST)
Message-Id: <20020609.041922.71185507.matsu@jp.FreeBSD.org>
To: FreeBSD-users-jp@jp.FreeBSD.org
From: Matsumura Naoki <matsu@jp.FreeBSD.org>
In-Reply-To: <200206081842.DAA23726@ns.kobe1995.net>
References: <002901c20e9a$a6b1d560$0602a8c0@iqghc9zrravloex>
	<200206081842.DAA23726@ns.kobe1995.net>
X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020417
X-Sequence: FreeBSD-users-jp 69125
Subject: [FreeBSD-users-jp 69125] Re: How to find hidden (super) user 
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: matsu@jp.FreeBSD.org

$B$^$D$`$i$G$9!#(B

From: kaz@kobe1995.net (NAKAMURA Kazushi)
Subject: [FreeBSD-users-jp 69123] Re: How to find hidden (super) user 

>   $B2?8N$+!VH/8+!W$9$k$3$H$K$3$@$o$C$F$*$i$l$^$9$,!"$=$NI,MW$OL5$$(B
> $B$G$7$g$&!#(Bpwd_mkdb$B$G$9$0F14|$r<h$k$3$H$,=PMh$k$N$G$9$+$i!#F14|$r(B
> $B<h$k%D!<%k$,4{$KB8:_$9$k$N$K!"H/8+$7$+=PMh$J$$%D!<%k$,I,MW$G$9$+!)(B

$BI,MW$@$H;W$$$^$9$h!#(B

$B$b$7H/8+$9$k$3$H$K0UL#$,$J$$$J$i!"IT@5%"%/%;%9$d%]!<%H%9%-%c%s$r(B
$B8!=P$9$k(B IDS $B$NB8:_0U5A$b$J$/$J$k$H;W$$$^$9!#(B

$B$=$l$KCN<1ITB-$+$i(B /etc/passwd $B$rD>@\$$$8$C$F$7$^$&$h$&$J%_%9$b(B
$B8!=P$G$-$^$9$7!#(B


4.5-RELEASE $B$N(B /etc/periodic/daily/450.status-security $B7PM3$G(B
$B<B9T$5$l$k(B /etc/security $B$K$O(B

   echo 'Checking for uids of 0:'
   n=$(awk -F: '/^#/ {next} $3==0 {print $1,$3}' /etc/master.passwd |
       tee /dev/stderr |
       sed -e '/^root 0$/d' -e '/^toor 0$/d' |
       wc -l)
   [ $n -gt 0 -a $rc -lt 1 ] && rc=1

$B$H$"$j$^$9$,!"$3$3$G$5$i$K(B

  - /etc/master.passwd $B$H(B /etc/spwd.db
  - /etc/passwd $B$H(B /etc/pwd.db
  - ($B$D$$$G$K(B) /etc/master.passwd $B$H(B /etc/passwd

$B$N@09g@-%A%'%C%/$b$*$3$J$&$h$&$K$J$C$F$$$?$i!"$h$jK>$^$7$$(B
$B%7%9%F%`$K$J$k$H;W$$$^$9!#(B
