tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-27 07:44:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add test for world-writable cronjobs

Browse Source
This commit is contained in:
mboelen 2016-04-26 14:06:27 +02:00
parent 7b33ead897
commit e20404c60b
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/tests_scheduling
View File

@ -72,17 +72,20 @@
if [ ${CANREAD} -eq 1 ]; then if [ ${CANREAD} -eq 1 ]; then
LogText "Result: found directory ${I}" LogText "Result: found directory ${I}"
LogText "Test: searching files in ${I}" LogText "Test: searching files in ${I}"
FIND=`find ${I} -type f -print` FIND=`find ${I} -type f -print | grep -v ".placeholder"`
if [ "${FIND}" = "" ]; then if [ "${FIND}" = "" ]; then
LogText "Result: no files found in ${I}" LogText "Result: no files found in ${I}"
else else
LogText "Result: found one or more files in ${I}. Analyzing files.." LogText "Result: found one or more files in ${I}. Analyzing files.."
for J in ${FIND}; do for J in ${FIND}; do
if IsWorldWritable ${J}; then Report "insecure_fileperms_cronjob=${J}"; fi
FindCronJob ${J} FindCronJob ${J}
for K in ${sCRONJOBS}; do if [ ! "${sCRONJOBS}" = "" ]; then
LogText "Result: Found cronjob (${I}): ${K}" for K in ${sCRONJOBS}; do
Report "cronjob[]=${J}" LogText "Result: Found cronjob (${J}): ${K}"
done Report "cronjob[]=${J}"
done
fi
done done
LogText "Result: done with analyzing files in ${I}" LogText "Result: done with analyzing files in ${I}"
fi fi
@ -106,6 +109,7 @@
else else
LogText "Result: found one or more files in ${I}. Analyzing files.." LogText "Result: found one or more files in ${I}. Analyzing files.."
for J in ${FIND}; do for J in ${FIND}; do
if IsWorldWritable ${J}; then Report "insecure_fileperms_cronjob=${J}"; fi
LogText "Result: Found cronjob (${I}): ${J}" LogText "Result: Found cronjob (${I}): ${J}"
Report "cronjob[]=${J}" Report "cronjob[]=${J}"
done done