此处的敏感用户是指这个用户属于多个组,或者这个用户属于的组名跟这个用户名不一样
我要评论
#! /bin/bash
#list user who belong to more than one group
#and list user who belong to the group which isn't the same as the username
#w is whitelist,we will not think user in this whitelist is special or dangerous w=("root" "adm" "games" "operator" "halt" "shutdown" "sync" "daemon" "bin" "operator") function whitelist()
{
for i in ${w[@]}
do
if [ "$i" == "$1" ];then
return 1
fi
done
return 0
}
ifs="
" for line in `cat /etc/passwd|awk -f: '{print $1}'` do
whitelist $line;
#if $? equal 1,means it is in the whitelist if [ $? -eq 0 ];then
a=`groups $line|awk -f: '{print $2}'`
b=`echo $a`
if [ "$b" != "$line" ];then
#echo $line echo `groups $line`
fi
fi done
如对本文有疑问, 点击进行留言回复!!
网友评论