File: //scripts.20110531.215904.25158/secureit
#!/usr/bin/perl
# cpanel - secureit Copyright(c) 2010 cPanel, Inc.
# All rights Reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
BEGIN { unshift @INC, '/usr/local/cpanel'; }
use Cpanel::SafeRun::Simple ();
#----------------------------------------------------------------------
my @serviceList = ( 'portmap', 'lpd', 'apmd', 'atd', 'gpm', 'innd', 'pcmcia', 'smb', 'xfs', 'ypbind' );
foreach my $serviceName (@serviceList) {
Cpanel::SafeRun::Simple::saferun( '/scripts/cpservice', $serviceName, 'stop' );
Cpanel::SafeRun::Simple::saferun( '/scripts/cpservice', $serviceName, 'disable' );
}
#----------------------------------------------------------------------
@OKSUID = ( "jailshell", "scgiwrap", "helpdesk.cgi", "passwd", "su", "suexec", "exim", "sendmail", "crontab", "fpexe", "wrapper", "cpwrap", "sudo", "sudoedit" );
@OKGUID = ( "procmail", "wall", "man", "crontab" );
$suid = `nice -19 /usr/bin/find /usr -uid 0 -perm +4000;nice -19 /usr/bin/find /sbin -uid 0 -perm +4000;nice -19 /usr/bin/find /bin -uid 0 -perm +4000`;
$guid = `nice -19 /usr/bin/find /usr -uid 0 -perm +2000;nice -19 /usr/bin/find /sbin -uid 0 -perm +2000;nice -19 /usr/bin/find /bin -uid 0 -perm +2000`;
@SUID = split( /\n/, $suid );
@GUID = split( /\n/, $guid );
foreach $item (@SUID) {
$item =~ s/\n//g;
$itemok = 0;
foreach $match (@OKSUID) {
if ( $item =~ /${match}$/ ) {
$itemok = 1;
}
}
if ( $itemok == 0 ) {
system "chmod u-s $item";
}
}
foreach $item (@GUID) {
$item =~ s/\n//g;
$itemok = 0;
foreach $match (@OKGUID) {
if ( $item =~ /${match}$/ ) {
$itemok = 1;
}
}
if ( $itemok == 0 ) {
system "chmod g-s $item";
}
}