I want to write a script that makes sure users' home directories don't contain world writable directories, directories owned by other users, or
other potential security problems. I'd like to echo any directory where
one user's home directory can be modified some by another user.
Can someone help me with these additions? I think this would be very important as well.
Jump to PostHere is one such utility I wrote:
#!/bin/bash if ( [ "$1" = "" ] ); then echo "" echo "-find: put all exceptions to files" echo "-del: delete all exception files" echo "-fixsuids: fix the most common suids" fi if ( [ "$1" = "-find" ] …
Jump to PostDid you run it as root?
The script for this is really excessive and not needed
#!/bin/bash if ( [ "$1" = "" ] ); then echo "" echo "-find: put all exceptions to files" echo "-del: delete all exception files" echo "-fixsuids: fix the most …
Here is one such utility I wrote:
#!/bin/bash
if ( [ "$1" = "" ] ); then
echo ""
echo "-find: put all exceptions to files"
echo "-del: delete all exception files"
echo "-fixsuids: fix the most common suids"
fi
if ( [ "$1" = "-find" ] ); then
#To generate "path" :
find / -maxdepth 1 -type d | grep -v '^/$' | grep -v '^/proc$' > path
#suid
find `cat path` -type f \( -perm -04000 -o -perm -02000 \) -exec ls -la {} \; > out.suids
#write permissions
find `cat path` -type f \( -perm -2 -o -perm -20 \) -exec ls -la {} \; > out.f.write
find `cat path` -type d \( -perm -2 -o -perm -20 \) -exec ls -lad {} \; > out.d.write
#
find `cat path` -type f \( -nogroup -o -nouser \) -exec ls -la {} \; > out.f.nouser
find `cat path` -type d \( -nogroup -o -nouser \) -exec ls -lad {} \; > out.g.nouser
fi
if ( [ "$1" = "-del" ] ); then
rm out.*
fi
if ( [ "$1" = "-fixsuids" ] ); then
fsuids="wall ping ping6 mount umount su sudo traceroute6 traceroute \
write newgrp cardctl cardinfo chsh chfn"
for i in $fsuids
do
bin=`which $i`
bin=`readlink -f $bin`
if test -f $bin; then
echo "Fixing $bin..."
chown root:wheel $bin
chmod o-rx `which $i`
fi
done
fi
unset i binYou may want to run the suid part manually though -- I think when you chown a suid it removes the suid bit altogether for security reasons. Be sure you test that before running it on a production system.
Do you mind commenting your statements so I may see what each line is doing? I'm having some trouble translating this. Thank you so much for your help
Also can you explain exactly what this does when I run it? I ran it and typed ./checkeperm -find and it scrolls things such as:
for quite some time.
find: /var/www/htdocs/finaid/_notes: Permission denied
find: /var/www/htdocs/finaid/javascript: Permission denied
find: /var/www/htdocs/finaid/loans: Permission denied
find: /var/www/htdocs/finaid/needaid/css: Permission denied
find: /var/www/htdocs/finaid/needaid/_baks: Permission denied
find: /var/www/htdocs/finaid/needaid/_notes: Permission denied
find: /var/www/htdocs/finaid/2009-2010: Permission denied
find: /var/www/htdocs/finaid/2008-2009: Permission denied
Did you run it as root?
The script for this is really excessive and not needed
#!/bin/bash
if ( [ "$1" = "" ] ); then
echo ""
echo "-find: put all exceptions to files"
echo "-del: delete all exception files"
echo "-fixsuids: fix the most common suids"
fi
if ( [ "$1" = "-find" ] ); then
#To generate "path" :
#this excludes directories from the search such as /proc
#you can add your manual exclusions here. These are dirs off
#the root /
find / -maxdepth 1 -type d | grep -v '^/$' | grep -v '^/proc$' > path
#suid
#finds all suid files in the search directories listed in ./path
find `cat path` -type f \( -perm -04000 -o -perm -02000 \) -exec ls -la {} \; > out.suids
#write permissions
#finds o+x files
find `cat path` -type f \( -perm -2 -o -perm -20 \) -exec ls -la {} \; > out.f.write
#finds o+x directories
find `cat path` -type d \( -perm -2 -o -perm -20 \) -exec ls -lad {} \; > out.d.write
#finds all files that do not have a user associate with them. This happens if you
#add a user, they create a file, then you delete them.
find `cat path` -type f \( -nogroup -o -nouser \) -exec ls -la {} \; > out.f.nouser
#same as above but directories
find `cat path` -type d \( -nogroup -o -nouser \) -exec ls -lad {} \; > out.g.nouser
fi
if ( [ "$1" = "-del" ] ); then
#cleans up the temp files
rm out.*
fi
if ( [ "$1" = "-fixsuids" ] ); then
#dont use this, it doesnt work right
fsuids="wall ping ping6 mount umount su sudo traceroute6 traceroute \
write newgrp cardctl cardinfo chsh chfn"
for i in $fsuids
do
bin=`which $i`
bin=`readlink -f $bin`
if test -f $bin; then
echo "Fixing $bin..."
chown root:wheel $bin
chmod o-rx `which $i`
fi
done
fi
unset i binAfter you run the script as root check the out.* files it creates in the working directory. It will give you a list of files/dirs that meet the criteria
So basically this is going to create a list of files and directories that meet the criteria O+X and or SUID and echo these results and must be run as root to work properly. Is this correct?
and -del is used to delete -find results incase I want to run it again correct?
So whereever I execute this file the out.* is going to be placed there?
Yes. You can change the behavior to use stdout but it will likely scroll the data off of your screen.
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.