| Richard Marian Thomaiyar | 14fddef | 2018-07-13 23:55:56 +0530 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # find-nodrop-groups utility |
| 4 | # Copyright (c) 2011 Steve Grubb. ALL RIGHTS RESERVED. |
| 5 | # sgrubb@redhat.com |
| 6 | # |
| 7 | # This software may be freely redistributed under the terms of the GNU |
| 8 | # public license. |
| 9 | # |
| 10 | # You should have received a copy of the GNU General Public License |
| 11 | # along with this program; if not, write to the Free Software |
| 12 | # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. |
| 13 | # |
| 14 | # This program looks for apps that use setgid(2) without using initgroups(3) |
| 15 | # or setgroups(2). |
| 16 | # |
| 17 | # To save to file: ./find-nodrop-groups | sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g" | tee findings.txt |
| 18 | |
| 19 | libdirs="/lib /lib64 /usr/lib /usr/lib64" |
| 20 | progdirs="/bin /sbin /usr/bin /usr/sbin /usr/libexec" |
| 21 | FOUND=0 |
| 22 | |
| 23 | # First param is which list to use, second is search pattern |
| 24 | scan () { |
| 25 | if [ "$1" = "1" ] ; then |
| 26 | dirs=$libdirs |
| 27 | elif [ "$1" = "2" ] ; then |
| 28 | dirs=$progdirs |
| 29 | elif [ "$1" = "3" ] ; then |
| 30 | dirs=$3 |
| 31 | fi |
| 32 | |
| 33 | for d in $dirs ; do |
| 34 | if [ ! -d $d ] ; then |
| 35 | continue |
| 36 | fi |
| 37 | files=`/usr/bin/find $d -name "$2" -type f 2>/dev/null` |
| 38 | for f in $files |
| 39 | do |
| 40 | syms=`/usr/bin/readelf -s $f 2>/dev/null | egrep ' setgid@.*GLIBC| setegid@.*GLIBC| setresgid@.*GLIBC'` |
| 41 | if [ x"$syms" != "x" ] ; then |
| 42 | syms=`/usr/bin/readelf -s $f 2>/dev/null | egrep ' setuid@.*GLIBC| seteuid@.*GLIBC| setresuid@.*GLIBC'` |
| 43 | if [ x"$syms" != "x" ] ; then |
| 44 | syms=`/usr/bin/readelf -s $f 2>/dev/null | egrep ' setgroups@.*GLIBC| initgroups@.*GLIBC'` |
| 45 | if [ x"$syms" = "x" ] ; then |
| 46 | if [ $FOUND = 0 ] ; then |
| 47 | printf "%-44s%s\n" "FILE" "PACKAGE" |
| 48 | fi |
| 49 | syms=`find $f \( -perm -004000 -o -perm -002000 \) -type f -print` |
| 50 | if [ x"$syms" = "x" ] ; then |
| 51 | printf "\033[31m%-44s\033[m" $f |
| 52 | rpm -qf --queryformat "%{SOURCERPM}" $f |
| 53 | echo |
| 54 | FOUND=1 |
| 55 | # else |
| 56 | # printf "\033[33m%-44s\033[m" $f |
| 57 | fi |
| 58 | #rpm -qf --queryformat "%{NAME}-%{VERSION}" $f |
| 59 | fi |
| 60 | fi |
| 61 | fi |
| 62 | done |
| 63 | done |
| 64 | } |
| 65 | |
| 66 | if [ $# -eq 1 ] ; then |
| 67 | if [ -d $1 ] ; then |
| 68 | scan 3 '*' $1 |
| 69 | else |
| 70 | echo "Input is not a directory" |
| 71 | exit 1 |
| 72 | fi |
| 73 | else |
| 74 | scan 1 '*.so' |
| 75 | scan 2 '*' |
| 76 | fi |
| 77 | |
| 78 | if [ $FOUND -eq 0 ] ; then |
| 79 | # Nothing to report, just exit |
| 80 | echo "No problems found" 1>&2 |
| 81 | exit 0 |
| 82 | fi |
| 83 | exit 1 |
| 84 | |
| 85 | |