Steve Grubb submits: Env_audit is a program that ferrets out everything it can about the environment. It is ideal for looking for security problems due to misconfiguration or software bugs. Software developers that write any program that shells out to . . .
Steve Grubb submits: Env_audit is a program that ferrets out everything it can about the environment. It is ideal for looking for security problems due to misconfiguration or software bugs. Software developers that write any program that shells out to run a command should be audited with this software. It looks for all process IDs, supplemental groups, working directory & umask, process priority, signal masks, environmental variables, rlimits, capabilities, and leaked file descriptors. The leaked descriptors will identify: regular files, directories, character or block devices, fifo/pipes, sockets, and Sun door descriptors.

It comes with test configurations or instructions for: anacron, apache, atd, crond, dtterm, gdb, inittab, logrotate, php, pppd, procmail, rxvt, sendmail, sshd, stunnel, su, sudo, xinetd, and xterm.

The link for this article located at Steven Grubb is no longer available.