Enhance binaries report

Also report the number of set-uid and set-gid binaries found.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Topi Miettinen 2020-03-31 17:55:49 +03:00
parent 288bca9334
commit 179f7d3442
No known key found for this signature in database
GPG Key ID: 87E1A51C590B0577
1 changed files with 16 additions and 2 deletions


@ -74,6 +74,10 @@
fi
done
NSUID_BINARIES=0
NSGID_BINARIES=0
SUID_BINARIES=
SGID_BINARIES=
# Now perform binary detection
for SCANDIR in ${BIN_PATHS}; do
SCANDIR=$(echo "${SCANDIR}" | sed 's/!!space!!/ /g')
@ -115,6 +119,14 @@
COUNT=$((COUNT + 1))
BINARY="${SCANDIR}/${FILENAME}"
DISCOVERED_BINARIES="${DISCOVERED_BINARIES}${BINARY} "
if [ -u ${BINARY} ]; then
NSUID_BINARIES=$((NSUID_BINARIES + 1))
SUID_BINARIES="${SUID_BINARIES}${BINARY} "
fi
if [ -g ${BINARY} ]; then
NSGID_BINARIES=$((NSGID_BINARIES + 1))
SGID_BINARIES="${SGID_BINARIES}${BINARY} "
fi
# Optimized, much quicker (limited file access needed)
case ${FILENAME} in
aa-status) AASTATUSBINARY=${BINARY}; LogText " Found known binary: aa-status (apparmor component) - ${BINARY}" ;;
@ -311,8 +323,10 @@
BINARY_SCAN_FINISHED=1
BINARY_PATHS_FOUND=$(echo ${BINARY_PATHS_FOUND} | sed 's/^, //g' | sed 's/, /,/g')
LogText "Discovered directories: ${BINARY_PATHS_FOUND}"
LogText "Result: found ${COUNT} binaries"
Report "binaries_count=${COUNT}"
LogText "Result: found ${COUNT} binaries including ${NSUID_BINARIES} set-uid and ${NSGID_BINARIES} set-gid"
LogText "Result: set-uid binaries: ${SUID_BINARIES}"
LogText "Result: set-gid binaries: ${SGID_BINARIES}"
Report "binaries_count=${COUNT} suid_count=${SUID_BINARIES} sgid_count=${SGID_BINARIES}"
Report "binary_paths=${BINARY_PATHS_FOUND}"
# Test if the basic system tools are defined. These will be used during the audit.
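Review bot: The last added `Report` line writes the path lists rather than the counters: `suid_count=${SUID_BINARIES}` and `sgid_count=${SGID_BINARIES}` expand to the space-separated file names, while the totals are kept in `NSUID_BINARIES` and `NSGID_BINARIES`. Anything that reads the report for set-uid/set-gid totals would get a list of paths under a `_count` key, and packing three keys into one call departs from the one-key-per-`Report` form of the line it replaces; I would emit `Report "binaries_count=${COUNT}"`, `Report "suid_count=${NSUID_BINARIES}"` and `Report "sgid_count=${NSGID_BINARIES}"` as separate calls. In the second hunk `[ -u ${BINARY} ]` and `[ -g ${BINARY} ]` are unquoted although the scan loop restores spaces in `SCANDIR`, so for a directory containing a space the test most likely errors out and a privileged binary there is left out of the tally; quote it as `[ -u "${BINARY}" ]` and `[ -g "${BINARY}" ]`. The enclosing loops start and end outside the hunks shown.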