tools/quality-agent.d/001-unsafe-files

   1 #!/bin/bash
   2
   3 . $(dirname ${0})/qa-include
   4
   5 DESC="Searching for world-writeable files..."
   6
   7 function check() {
   8         local ret=0
   9
  10         local files=$(find ${BUILDROOT} -type f -perm -2 2>/dev/null)
  11         if [ -n "${files}" ]; then
  12                 log ERROR "  QA Security Notice:"
  13                 log ERROR "   - The folloing files will be world writable."
  14                 log ERROR "   - This may or may not be a security problem, most of the time it is one."
  15                 log ERROR "   - Please double check that these files really need a world writeable bit and file bugs accordingly."
  16                 log ERROR
  17                 log ERROR "${files}"
  18                 ret=1
  19         fi
  20
  21         files=$(find ${BUILDROOT} -type f '(' -perm -2002 -o -perm -4002 ')')
  22         if [ -n "${files}" ]; then
  23                 log ERROR "  QA Notice: Unsafe files detected (set*id and world writable)"
  24                 log ERROR
  25                 log ERROR "${files}"
  26                 ret=1
  27         fi
  28
  29         return ${ret}
  30 }
  31
  32 run
  33