此处的敏感用户是指这个用户属于多个组,或者这个用户属于的组名跟这个用户名不一样
#! /bin/bash
#list user who belong to more than one group
#and list user who belong to the group which isn't the same as the username
#w is whitelist,we will not think user in this whitelist is special or dangerous w=("root" "adm" "games" "operator" "halt" "shutdown" "sync" "daemon" "bin" "operator") function WhiteList()
{
for i in ${w[@]}
do
if [ "$i" == "$1" ];then
return 1
fi
done
return 0
}
IFS="
" for LINE in `cat /etc/passwd|awk -F: '{print $1}'` do
WhiteList $LINE;
#if $? equal 1,means it is in the whitelist if [ $? -eq 0 ];then
a=`groups $LINE|awk -F: '{print $2}'`
b=`echo $a`
if [ "$b" != "$LINE" ];then
#echo $LINE echo `groups $LINE`
fi
fi done
