new security test: check for setgid directories

Signed-off-by: Davide Madrisan <davide.madrisan@gmail.com>

ChangeLog

@@ -1,4 +1,4 @@
-Changes in version 1.9.0
+Changes in version 1.9.0 - Silvan Birthday Release
 Sun Jan 15 2012 Davide Madrisan <davide.madrisan(a)gmail.com>
 
 + update
@@ -33,11 +33,15 @@ Sun Jan 15 2012 Davide Madrisan <davide.madrisan(a)gmail.com>
     po/it/test02_pkgsecurity.po - Davide Madrisan:
     Updated.
 
++ improvement
   * libspec.lib - Davide Madrisan:
     Rework rpmvars.init() in order to support rpm macro expressions.
     (Feature asked ages ago by Silvan Calarco...)
     Modify debug output to get it more readable.
 
+  * tests/test02_pkgsecurity - Davide Madrisan:
+    New test: check for setgid directories.
+
 --------------------------------------------------------------------------------
 
 Changes in version 1.8.2

po/it/test02_pkgsecurity.po

@@ -49,6 +49,9 @@ msgstr "controllo"
 msgid "checking for setuid binaries"
 msgstr "ricerca di binari setuid"
 
+msgid "checking for setgid directories"
+msgstr "ricerca di directory setgid"
+
 msgid "checking for unsecure use of \\`\\$\\$' in shell and perl scripts"
 msgstr "ricerca di script shell e perl che utilizzano \\`\\$\\$' in modo insicuro"
 

tests/test02_pkgsecurity.in

@@ -112,6 +112,21 @@ function alltests() {
       let "i += 1"
    done
 
+   notify.note \
+"   * ${NOTE}"$"checking for setgid directories""${NORM}..."
+
+   let "i = 0"
+   for pck in ${rpmpkg_name[@]}; do
+      pushd $tmpextractdir/$i >/dev/null
+      # find setuid directories
+      for d in $(find -mindepth 2 -perm -2000 -type d 2>/dev/null); do
+         notify.warning "${NORM}${pck##*/} --> ${NOTE}${d/./}${NORM}"
+         let "total_issues += 1"
+      done
+      popd >/dev/null
+      let "i += 1"
+   done
+
    # checking for unsecure use of $$ as random source in shell scripts
    notify.note "   * ${NOTE}"$"\
 checking for unsecure use of \`\$\$' in shell and perl scripts""${NORM}..."