I spent a good few hours reviewing all the logrotate files included in Debian’s Sarge release the other day.
Using the Debian package search it was easy to find all the packages which install a file into /etc/logrotate.d/.
Once I had the list of packages I simply ran “apt-get source `cat packages.txt`” and started looking over the contents.
That is another area which has been audited. So far I think systematic checking like that is quite a good way to find things. So far I can remember:
- Looking at files installed into /etc/cron.d/
- Looking at logrotate files
- Looking at all init scripts
- Looking at all PHP scripts
On the one hand spending hours looking at source code to try and detect flaws is frustrating when nothing is found, but on the other hand it is good that we have software in such good shape.
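
The package-list step described above, as an added example that is not part of the original post: where the post used the Debian package search, this version assumes a local copy of the archive's Contents index piped in on stdin, and it works for any of the audited directories. The function names and the sample index lines are constructed for illustration.

```shell
#!/bin/sh
# List the packages that ship files under a given directory, reading a
# Debian Contents index on stdin. Each index line has the form
#   <path><whitespace><section/package>[,<section/package>...]
# Paths carry no leading slash; the package list is the last field.
pkgs_shipping_under() {
    dir=${1#/}      # drop a leading slash to match the index format
    dir=${dir%/}/   # force exactly one trailing slash
    awk -v dir="$dir" '
        index($0, dir) == 1 {               # path must START with the directory
            n = split($NF, locs, ",")       # one file can belong to several packages
            for (i = 1; i <= n; i++) {
                sub(/^.*\//, "", locs[i])   # strip the "section/" prefix
                print locs[i]
            }
        }' | sort -u
}

# Constructed sample index lines (hypothetical packages, not real archive data).
sample_contents() {
    cat <<'EOF'
etc/cron.d/exampled                       admin/exampled
etc/logrotate.d/exampled                  admin/exampled
etc/logrotate.d/shared-log                net/foo-server,net/foo-server-ssl
etc/logrotate.dist/notes                  misc/unrelated
usr/share/doc/foo/etc/logrotate.d/foo     doc/foo-doc
etc/init.d/exampled                       admin/exampled
EOF
}

# Print the audit list for logrotate files; redirect to packages.txt to
# feed the "apt-get source" step from the post.
sample_contents | pkgs_shipping_under /etc/logrotate.d/
```

The same function covers the other areas in the list by changing the argument, for example `etc/cron.d` or `etc/init.d`.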