#!/bin/bash # # harbian-audit for Debian GNU/Linux 9/10/11 Hardening # # # 14.2 To ensure there are no files permissions are set to 777 (Scored) # Author: Samson-W (samson@hardenedlinux.org) author add this # set -e # One error, it's over set -u # One variable unset, it's over HARDENING_LEVEL=3 HARDENING_EXCEPTION=sechardened # This function will be called if the script status is on enabled / audit mode audit () { if [ $ISEXCEPTION -eq 1 ]; then warn "Exception is set to 1, so it's pass!" else ABUSECOUNT=$(find / -xdev -type f -perm -777 | wc -l ) if [ $ABUSECOUNT -gt 0 ]; then crit "$ABUSECOUNT files abuse the 777 permission." FNRET=1 else ok "There are no files that abuse 777 permissions." FNRET=0 fi fi } # This function will be called if the script status is on enabled mode apply () { if [ $ISEXCEPTION -eq 1 ]; then warn "Exception is set to 1, so it's pass!" else if [ $FNRET -eq 0 ]; then ok "There are no files that abuse 777 permissions." else warn "Some files abuse 777 permissions. Please check and correct yourself!" fi fi } # This function will create the config file for this check with default values create_config() { cat <