The first internal security report that I got after a fresh
install had lots of bogus output. It was all of the form:
checking setuid files and devices:
try setuid/device diffs:
< -r-xr-sr-x 1 bin operator 49152 Nov 22 04:00:15 1994 /bin/df
> -r-xr-sr-x 1 bin operator 49152 Nov 22 04:00:15 1994 /bin/df
Obviously, the initial database is in a slightly different form
than what is shipped.
Fixed in rev 1.8 of /etc/security sometime in May of 1995. The
"diff" command is now called with the "-b" option to ignore
changes in whitespace.