Rename the script, then send a test email to see if anything in Postfix breaks. That might tell you what it's intended to do.
On re-examination, the script generates an MD5 sum on /etc/passwd and /var/spool/postfix/etc/passwd. Then a test: if not equal, copy /etc/passwd to /var/spool/postfix/etc/passwd and report the copy, otherwise, report that the files are already the same.
From one point of view, it's a quick way to keep two files in sync so that as passwords change in /etc/passwd, the postfix file is updated. From a crackers point of view, it could be a quick way to hide attacks on password files.
Last edited by bigrigdriver; 07-11-2007 at 06:30 PM.
|