I tried to post this under the Dummies forum in hopes of because it is actually more dumb than security, but I was shut down for double posting.
Now that I am willing to abide by the rules, and after some help from some others on the group, I offer this bit of code hoping that someone can show a better way to get where I am heading.
I am using the suggested fid command, but I do not know how one would use the "greater than" check against the permission bits.
Code:
#!/bin/sh
#
#
# ident "@(#)stewart-set-manpage-permissions.fin 1.1 08/02/08"
#
# Set permissions for manual pages to no more permissive than 644.
# Reference GEN001280 UNIX Security Checklist V 5R1.5.
#
#
#
MANDIR=/usr/share/man
for FILENAME in `find $MANDIR -type f -perm -7 -o -type f -perm -6
-o -type f -perm -5 -o -type f -perm -3 -o -type f -perm -2 -o -type f -perm -1`
do
#chmod 644 $FILENAME
ls -l $FILENAME
done
Thank you,
JB aka Altamaha
