new security test: check for setgid directories
Signed-off-by: Davide Madrisan <davide.madrisan@gmail.com>
This commit is contained in:
parent
e642fb425e
commit
51ba76940c
@ -1,4 +1,4 @@
|
||||
Changes in version 1.9.0
|
||||
Changes in version 1.9.0 - Silvan Birthday Release
|
||||
Sun Jan 15 2012 Davide Madrisan <davide.madrisan(a)gmail.com>
|
||||
|
||||
+ update
|
||||
@ -33,11 +33,15 @@ Sun Jan 15 2012 Davide Madrisan <davide.madrisan(a)gmail.com>
|
||||
po/it/test02_pkgsecurity.po - Davide Madrisan:
|
||||
Updated.
|
||||
|
||||
+ improvement
|
||||
* libspec.lib - Davide Madrisan:
|
||||
Rework rpmvars.init() in order to support rpm macro expressions.
|
||||
(Feature asked ages ago by Silvan Calarco...)
|
||||
Modify debug output to get it more readable.
|
||||
|
||||
* tests/test02_pkgsecurity - Davide Madrisan:
|
||||
New test: check for setgid directories.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
Changes in version 1.8.2
|
||||
|
@ -49,6 +49,9 @@ msgstr "controllo"
|
||||
msgid "checking for setuid binaries"
|
||||
msgstr "ricerca di binari setuid"
|
||||
|
||||
msgid "checking for setgid directories"
|
||||
msgstr "ricerca di directory setgid"
|
||||
|
||||
msgid "checking for unsecure use of \\`\\$\\$' in shell and perl scripts"
|
||||
msgstr "ricerca di script shell e perl che utilizzano \\`\\$\\$' in modo insicuro"
|
||||
|
||||
|
@ -112,6 +112,21 @@ function alltests() {
|
||||
let "i += 1"
|
||||
done
|
||||
|
||||
notify.note \
|
||||
" * ${NOTE}"$"checking for setgid directories""${NORM}..."
|
||||
|
||||
let "i = 0"
|
||||
for pck in ${rpmpkg_name[@]}; do
|
||||
pushd $tmpextractdir/$i >/dev/null
|
||||
# find setuid directories
|
||||
for d in $(find -mindepth 2 -perm -2000 -type d 2>/dev/null); do
|
||||
notify.warning "${NORM}${pck##*/} --> ${NOTE}${d/./}${NORM}"
|
||||
let "total_issues += 1"
|
||||
done
|
||||
popd >/dev/null
|
||||
let "i += 1"
|
||||
done
|
||||
|
||||
# checking for unsecure use of $$ as random source in shell scripts
|
||||
notify.note " * ${NOTE}"$"\
|
||||
checking for unsecure use of \`\$\$' in shell and perl scripts""${NORM}..."
|
||||
|
Loading…
Reference in New Issue
Block a user