#!/bin/sh 
# SYSTEMS: Solaris
# This script will modify /etc/system to enable stack protections and 
# logging.  Note that if these parameters are defined in /etc/system, 
# they will be re-written (in place) to verify that they are set properly.
# Otherwise, they are appended to the file.
MSG="# Checking kernel-level stack protections and logging..."
SYSTEM=`uname -s`
######Solaris######
if [ "$SYSTEM" = "SunOS" ]; then
  echo ""; echo "$MSG"
  case "`uname -r`" in
    5.[6789]*) ;;
    *)
      #Only supported on Solaris 2.6 and newer
      exit 0;;
  esac
FILE=/etc/system
  if [ `egrep "set noexec_user_stack=1" ${FILE} |\
    grep -v '*' | wc -l` = 0 ]; then
    echo "--WARN-- [STACK001w] 'set noexec_user_stack=1' NOT in ${FILE}."
  fi
  if [ `egrep "set noexec_user_stack_log=1" ${FILE} |\
    grep -v '*' | wc -l` = 0 ]; then
    echo "--WARN-- [STACK001w] 'set noexec_user_stack_log=1' NOT in ${FILE}."
  fi
fi

