updated to reflect the fact that we don't have an ncheck

etc/security

@@ -10,17 +10,29 @@ echo "Subject: $host security check output"
 LOG=/var/log
 TMP=/tmp/_secure.$$
 
+umask 027
+
 echo "checking setuid files and devices:"
-MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'`
-set $MP
-ls -lgT `while test $# -ge 2; do
-	device=$1
-	shift
-	mount=$1
-	shift
-	ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \
-	    -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort
-done` > $TMP
+
+# don't have ncheck, but this does the equivalent of the commented out block.
+# note that one of the original problem, the possibility of overrunning
+# the args to ls, is still here...
+
+ls -lgT `find / -fstype local -a \
+    \( ! \( -fstype fdesc -o -fstype kernfs \) -o -prune \) \
+    \( -perm -u+s -or -perm -g+s \) | \
+	sed -e "/\/dev\//d" -e "s;//;/;g" | sort` > $TMP
+
+#MP=`mount -t ufs | sed 's;/dev/;&r;' | awk '{ print $1 " " $3 }'`
+#set $MP
+#ls -lgT `while test $# -ge 2; do
+#	device=$1
+#	shift
+#	mount=$1
+#	shift
+#	ncheck -s $device | sed -e "/:$/d" -e "/\/dev\//d" \
+#	    -e "s;[^/]*;$mount;" -e "s;//;/;g" | sort
+#done` > $TMP
 
 if cmp $LOG/setuid.today $TMP >/dev/null; then :; else
 	echo "$host setuid/device diffs:"