DataMuseum.dk

top - metrics - download

    Length: 1551 (0x60f)
    Types: TextFile
    Names: »chk_strings«

└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
    └─⟦ed5edc051⟧ »./cops/1.02/cops.102.tar« 
└─⟦4f9d7c866⟧ Bits:30007245 EUUGD6: Sikkerheds distributionen
    └─⟦db60b44f1⟧ »./cops/1.02/cops.102.tar.Z« 
        └─⟦ed5edc051⟧ 
            └─⟦this⟧ »cops/chk_strings« 

TextFile

:
#
#  Usage: chk_strings filename
#
#  This will check pathnames inside executable files for writability,
# using the "strings" command and egrep.
#
#  I have identified three basic types of strings containing paths to files:
# 1)
#    /path1/path2/file			/* standard */
# 2) 
#    '/path1/path2/file'		/* standard, in single quotes */
# 3)
#    :/path1/file1:/path2/file2		/* a path for searching */
#
#  For the first two, I simply test the writability; for the last, I
# parse it into seperate paths and check each one in turn.
#
AWK=/bin/awk
EGREP=/usr/bin/egrep
TEST=/bin/test
ECHO=/bin/echo
SORT=/usr/bin/sort
STRINGS=/usr/ucb/strings

if test ! -s $STRINGS
	then
	exit 0
fi

if test $# -eq 0
	then
	$ECHO "Usage: $0 file"
	exit 2
fi

while test 0 -ne $#
	do
	# $ECHO Checking $1...
	# get the first two types:
	test_files=`$STRINGS $1 | $EGREP "/.*/" | $AWK '{for (i=1;i<=NF;i++) 
	if ((res=substr($i,1,1))=="/") 
		printf("%s\n",$i)
	else if ((res!=":") && (res=substr($i,2,1))=="/")
		printf("%s\n",substr($i,2,length($i)-2))}'| $SORT -u`

	# and type number three, parse into separate paths as well:
	paths=`$STRINGS $1|$EGREP "/.*/" |$AWK '{for (i=1;i<=NF;i++) 
		if ((substr($i,1,1)==":") && (substr($i,2,1))=="/")
			printf("%s",$i)}'`
	paths=`$ECHO $paths | $AWK -F: '{for (i=1;i<=NF;i++) printf("%s\n",$i)}'| $SORT -u`


	all_files=$test_files$paths

	for i in $all_files
		do
		if ./is_writable $i
			then
			$ECHO "      Warning!  File $i (inside root executed file $1) is _World_ writable!"
		fi
		done
	shift
done

# end of script