>>Number:         3763
>>Category:       misc
>>Synopsis:       /etc/security doesn't check /etc/profile
>>Description:
>The /etc/security script, which checks umask values for root, checks
>/etc/csh.login, /etc/csh.cshrc, /root/.login, and /root/.cshrc for the
>C shell.  For the Bourne shell, however, it only checks
>/root/.profile, when /etc/profile should also be checked.

i've often wondered about the ass-backwards way that umasks are
checked in these shell startup files...

wouldn't it be much better to do something akin to

if [ `sh -c 'umask 777 ; . /etc/profile ; umask'` = 777]; then
	echo /etc/profile doesn't set root umask
fi
if [ `csh -c 'umask 777 ; source /etc/csh.cshrc ; umask'` = 777]; then
	echo /etc/csh.cshrc doesn't set root umask
fi

to find out authoritatively whether or not they set it?  this is, of
course, assuming they don't run any nasty programs...

-- 
|-----< "CODE WARRIOR" >-----|
andrew@echonyc.com (TheMan)        * "ah!  i see you have the internet
codewarrior@daemon.org                               that goes *ping*!"
warfare@graffiti.com      * "information is power -- share the wealth."