IRIX 6.4 Applications 1997 August

home *** CD-ROM | disk | FTP | other *** search

/ IRIX 6.4 Applications 1997 August / SGI IRIX 6.4 Applications 1997 August.iso / dist / gateway.idb / usr / WebFace / Tasks / Tasks.security-start.cgi.z / Tasks.security-start.cgi

Wrap

Text File | 1997-07-30 | 6.4 KB | 218 lines

#!/usr/bin/perl5 # # Tasks.security-start.cgi # # Copyright 1988-1996 Silicon Graphics, Inc. # All rights reserved. # # This is UNPUBLISHED PROPRIETARY SOURCE CODE of Silicon Graphics, Inc.; # the contents of this file may not be disclosed to third parties, copied or # duplicated in any form, in whole or in part, without the prior written # permission of Silicon Graphics, Inc. # # RESTRICTED RIGHTS LEGEND: # Use, duplication or disclosure by the Government is subject to restrictions # as set forth in subdivision (c)(1)(ii) of the Rights in Technical Data # and Computer Software clause at DFARS 252.227-7013, and/or in similar or # successor clauses in the FAR, DOD or NASA FAR Supplement. Unpublished - # rights reserved under the Copyright Laws of the United States. # # $Id: Tasks.security-start.cgi,v 1.8 1997/05/01 17:54:45 shotes Exp $ require "/usr/OnRamp/lib/OnRamp.pm"; $myname = "Tasks.security-start.cgi"; $inet_conf = "/etc/inetd.conf"; $temp = "task.tmp"; $temp2 = "task.tmp2"; $dummy = "task.dummy"; $action = "Tasks.security-start.cgi?loop"; $it = "<td><font size=5><i>"; $ni = "</i></font></td>"; @find_vals = ('telnet','login','shell','ftp','finger'); &get_fields; # clear temporary file for initial call if (!$ARGV[0]) { open(OUT,"> $temp"); close(OUT); open(OUT,"> $temp2"); close(OUT); # &initValues; } elsif ($ARGV[0] eq 'loop') { %vals = %fld; } else { &readValues; } if ($ARGV[0] eq loop) { &errorCheck; &writeFile; $go = "/tasks/security-second.cgi?st"; print "Content-type: text/html\n\n"; # printf("Location: %s%c%c",$go,10,10); print "<HTML><HEAD>"; print "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=$go\">"; print "</HEAD><BODY></BODY></HTML>"; exit 0; } &setBoxes; &generic; sub initValues { open(IN,"< $inet_conf"); while(<IN>) { $line = $_; if ($line eq "\n") { next; } $line =~ /^\s*(\S.*)/; @items = split(/\s+/,$1); if ($items[0] !~ "#") { $terms{$items[0]} = 1; } else { $terms{$items[0]} = 0; } } close(IN); foreach $arg (@find_vals) { if ($arg =~ $_) { $vals{$arg} = $terms{$arg}; } else { $vals{$arg} = 0; } } } sub readValues { open(IN,"< $temp"); while(<IN>) { chop; $terms{$_} = 1; } close(IN); foreach $arg (@find_vals) { if ($terms{$arg}) { $vals{$arg} = 1; } else { $vals{$arg} = 0; } } if ($terms{"all_inetd"}) { $vals{"all_inetd"} = 1; } else { $vals{"all_inetd"} = 0; } } sub writeFile { undef %terms; open(IN,"< $temp"); while(<IN>) { chop; $terms{$_} = 1; } close(IN); if ($fld{'all_inetd'} == 1) { $terms{'all_inetd'} = 1; foreach $arg (@find_vals) { $terms{$arg} = $fld{$arg}; } } else { $terms{'all_inetd'} = 0; foreach $arg (@find_vals) { $terms{$arg} = 0; } } open(OUT,"> $temp"); foreach $arg (keys(%terms)) { print OUT "$arg\n" if ($terms{$arg} == 1); } close(OUT); } sub errorCheck { } sub error { $error = $_[0]; &generic; exit 0; } sub generic { print "Content-type: text/html\n\n"; print "<html><head><title>Security Setup </title>\n"; print "<script language=\"JavaScript\">\n\n"; print "</script></head>\n\n"; print "<body bgcolor=\'a7b4ce\' background=/tasks/security-task.bg.gif>\n"; if ($error) { print "<font size=4 color=ff0000><b>Error: </b>$error<br></font>"; } print "<i>$message</i>"; print "<table width=100%>", "<tr><th align=left><h1>Security Setup for Services</h1></th>\n", "<th align=right><a href=\"/newsplash.shtml\">", "<img height=55 width=57 border=0 src=/tasks/home.gif></a>\n", " <a href=\"Tasks.shtml\">", "<img height=55 width=57 border=0 src=/tasks/back.gif></a>", "</tr></table>\n"; printf("\n<form name=\"page1\" action=\"%s\" method=post>\n", $action); print "<center><table width=620>\n"; print "<tr><td colspan=2 align=left> Network services started out of inetd are known to pose security risks. This page allows you the opportunity of disabling these services. Services disabled include rpc services such as NIS and NFS, internal services such as time, daytime and echo, as well as others. For a complete list, see the configuration file \"<i>/etc/inetd.conf</i>\". Five important services are singled out, and may separately be left enabled. <br><br></td></tr></table>\n\n"; print "<table width=520>\n"; print "<tr><td colspan=2><input type=checkbox name=all_inetd value=1 $chall> ", " <strong>Disable network services started out of inetd</strong><br></td>", "</tr><tr><td><br><br></td></tr></table>\n\n"; print "<table width=620>\n"; print "<tr><td colspan=2>Keep enabled the following services:</td></tr>"; print "</table><table width=520>\n"; print "<tr><td><input type=checkbox name=ftp value=1 $chftp> " ."ftp (File Transfer Protocol.)</td></tr>"; print "<tr><td><input type=checkbox name=telnet value=1 $chtelnet> telnet" ." (Internet standard for remote login.)</td></tr>\n"; print "<tr><td><input type=checkbox name=shell value=1 $chshell> shell" ." (remote execution of shell commands.)</td></tr>\n"; print "<tr><td><input type=checkbox name=login value=1 $chlogin> " ."login (UNIX standard for remote login.)</td></tr>\n"; print "<tr><td><input type=checkbox name=finger value=1 $chfinger> " ."finger (remote query of user account information.)</td></tr>\n"; print "</table></center>\n\n"; print '<MAP NAME="js_map">', '<AREA SHAPE="rect" COORDS="0,0,59,52" HREF="javascript:Next()">', '</MAP>'; print "\n"; print '<IMG SRC="/tasks/rightarrow.gif" BORDER=0 USEMAP="#js_map" align="right">'; print "\n</form></body></html>"; } sub setBoxes { $chall = $vals{'all_inetd'} ? "checked" : ""; $chtelnet = $vals{'telnet'} ? "checked" : ""; $chlogin = $vals{'login'} ? "checked" : ""; $chshell = $vals{'shell'} ? "checked" : ""; $chftp = $vals{'ftp'} ? "checked" : ""; $chfinger = $vals{'finger'} ? "checked" : ""; }