eggert@sm.unisys.com (Paul Eggert) (12/17/88)
The Sun Security Features Guide (Part #800-1735-10, 9 May 1988, p. 52)
recommends that ``ncheck -s'' be used periodically to scan filesystems for
security-relevant files. Unfortunately, ``ncheck -s'' has an internal
limit on the number of files that it reports. If a filesystem has many
such files, ``ncheck -s'' sometimes silently fails to report some of them.
In SunOS 4.0, where a server's filesystem contains all its clients'
devices, the limit is easily exceeded. The following SunOS 4.0 shell
command yields all the information that ``ncheck -s'' yields, and can be
used as a workaround.
find mount_point -xdev \
\( -type b -o -type c -o ! -type d \( -perm -4000 -o -perm -2000 \) \) -ls
[[ It's just a little slower (even if ncheck worked correctly). --wnl ]]eggert@sm.unisys.com (Paul Eggert) (12/30/88)
[Sorry about submitting the ncheck note twice -- I thought my mailer lost it.]
Regarding 'find', compared to 'ncheck -s':
[[ It's just a little slower (even if ncheck worked correctly). --wnl ]]
I also thought 'find' was slower than 'ncheck -s'. But when I measured
them, 'ncheck -s' took 25% more wallclock time than the roughly equivalent
'find', and 60% more user+system CPU time (SunOS 4.0, Sun-3/160, Xylogics
7053, Toshiba MK251, 156 MB partition). In comp.unix.wizards
<2802@pixar.UUCP>, Rick Ace reports that 'ncheck' is unnecessarily buggy
and slow. Until Sun fixes 'ncheck', stick to 'find'.