I want to periodically check if ASCII password/config files on Unix [Solaris 8] have 400 or 600 access. Folders and files are owned by a designated group and user. Folders and files do not have world write access.
Are there any tools/scripts available for this kind of auditing that I can use on Solaris?
I am thinking in terms of ignoring link files. Not worrying about the owner of files that have the GID bit set. [These two scenarios I know.]
Are there any other scenarios that are less evident but should be considered for this kind of generic script? One example is checking for broken link files!
You could also check the checksum of the files. This gives a unique number associated with the file and its contents. If the contents change but the size, permissions and mod time stay the same, the checksum will change.
# cd /tmp
# echo "this file is ok" > file
# cksum file
3592584977 16 file
# echo "the file is new" > file
# cksum file
3405287892 16 file
Don't know if this is on the right track, but it is just a simple script that you can put in cron that will check files and email you. For any other files you want, just put them in there as a new line.
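The checks discussed in this thread (400/600 mode, world-writable parent folder, skipped and broken links, cksum comparison) combined into one audit, as an added example that is not part of the original thread or any poster's script. It assumes a POSIX shell and POSIX grep (on Solaris, the /usr/xpg4/bin versions rather than /bin/sh); the function names, the finding labels and the baseline file of saved cksum output are hypothetical.

```shell
#!/bin/sh
# Added example: permission/link/checksum audit for a list of sensitive files.
# Uses ls, cut, dirname, cksum and grep only (no GNU stat).

# mode_of PATH: print the 10-character type+permission field of ls -ld.
mode_of() { ls -ld "$1" | cut -c1-10; }

# audit_file PATH [BASELINE]: print one line per finding; return 1 if any.
# BASELINE (hypothetical file) holds earlier "cksum PATH" output lines.
audit_file() {
    f=$1; baseline=${2:-}; rc=0
    if [ -h "$f" ]; then                       # symbolic link
        if [ -e "$f" ]; then echo "SKIP-LINK $f"; return 0; fi
        echo "BROKEN-LINK $f"; return 1        # target does not exist
    fi
    if [ ! -f "$f" ]; then echo "NOT-REGULAR-OR-MISSING $f"; return 1; fi
    m=$(mode_of "$f")
    case $m in
        -r--------|-rw-------) ;;              # 400 or 600
        *) echo "BAD-MODE $m $f"; rc=1 ;;
    esac
    d=$(dirname "$f")
    case $(mode_of "$d") in
        ????????w?) echo "WORLD-WRITABLE-DIR $d"; rc=1 ;;
    esac
    if [ -n "$baseline" ] && [ -f "$baseline" ]; then
        # The whole "crc size path" line must match the recorded one.
        if ! grep -F -x -q -- "$(cksum "$f")" "$baseline"; then
            echo "CHECKSUM-CHANGED-OR-UNKNOWN $f"; rc=1
        fi
    fi
    return $rc
}

# audit_list LIST [BASELINE]: audit every path in LIST (one per line).
audit_list() {
    status=0
    while read -r p; do
        [ -z "$p" ] && continue
        audit_file "$p" "${2:-}" || status=1
    done < "$1"
    return $status
}
```

The baseline is created once from a known-good state by redirecting cksum output for the same paths into a file; a cron job can then call audit_list and mail any output.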