
#   Lynis
# ------------------
# Copyright 2007-2013, Michael Boelen
# Copyright 2013-2016, CISOfy
# Website  : https://cisofy.com
# Blog     : http://linux-audit.com
# GitHub   : https://github.com/CISOfy/lynis
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#  File permissions
    InsertSection "File Permissions"
    # Test        : FILE-7524
    # Description : Perform file permissions check
    Register --test-no FILE-7524 --weight L --network NO --description "Perform file permissions check"
    if [ ${SKIPTEST} -eq 0 ]; then
        Display --indent 2 --text "- Starting file permissions check"
        LogText "Test: Checking file permissions"
        for PROFILE in ${PROFILES}; do
            LogText "Using profile ${PROFILE} for baseline."
            FIND=`egrep '^permfile:|^permdir:' ${PROFILE} | cut -d: -f2`
            for I in ${FIND}; do
                LogText "Checking ${I}"
                CheckFilePermissions ${I}
                LogText "  Expected permissions: ${PROFILEVALUE}"
                LogText "  Actual permissions: ${FILEVALUE}"
                LogText "  Result: $PERMS"
                if [ "${PERMS}" = "FILE_NOT_FOUND" ]; then
                    Display --indent 4 --text "${I}" --result "NOT FOUND" --color WHITE
                  elif [ "${PERMS}" = "OK" ]; then
                    Display --indent 4 --text "${I}" --result OK --color GREEN
                  elif [ "${PERMS}" = "BAD" ]; then
                    Display --indent 4 --text "${I}" --result WARNING --color RED
                    ReportWarning ${TEST_NO} "M" "Incorrect permissions for file ${I}"
                    LogText "UNKNOWN status for file"


# Lynis - Copyright 2007-2016, CISOfy - https://cisofy.com