Please insert this page. Even with a spellchecker I still fail! ****** (1) COPS clearly identifies problems which could affect the overall security of a system. (2) The warning messages associated with potential problems are generally straightforward. In certain instances, however, a user will have to be knowledgeable about Unix and/or about the systems's specific configuration to interpret the results and to evaluate the significance. (3) The U-Kuang analysis remains the most difficult concept to understand and the most difficult results to resolve. (4) The overwhelming number of problems discovered by COPS was in the management of the /etc/passwd file and in the setting of permissions on critical directories and files. My experience has been that even the so-called experienced Unix system administrator continually makes elementary mistakes in these areas. (5) COPS must be run on a recurring basis, particularly where there are multiple system administrators. One administrator may introduce a problem after a COPS run which may go undetected until a subsequent execution. f. The following is a list of the most common security warning messages which might occur, minus those that might be received from the Kuang analysis and from the SUID checker. I have placed an asterisk * after the description to indicate those messages which I have received in my executions of the program. (1) File is World writable, file is group readable * (2) File is World writable, file in /etc/rc* is World writable * (3) Directory is World writable * (4) Directory is World writable and in roots path (5) Duplicate Group(s) found * (6) Group has duplicate user(s) (7) Group file, line xyz, non-numeric group id * (8) Group file, line xyz, is blank * (9) Group file, line xyz, nonalphanumeric user id * (10) Group file, line xyz, group has password (11) Password Problem: Guessed: (12) Password Problem: no password * 3 ----- End of forwarded messages