diff options
| author | Katarina Durechova <durechova@ynet.sk> | 2018-01-24 19:08:21 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2018-01-24 19:08:21 +0300 |
| commit | 993edc9738b0d0f2303941b26820ce02a77804e5 (patch) | |
| tree | 99719af829d12120e30f9a26ff000f50def477b6 /include/tests_filesystems | |
| parent | 8eccc8bddb7b8a61fb8f191d52101fffcebcad80 (diff) | |
[FILE-6363] Check for sticky bit on /var/tmp (#473)
Diffstat (limited to 'include/tests_filesystems')
| -rw-r--r-- | include/tests_filesystems | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/include/tests_filesystems b/include/tests_filesystems index 823c008a..b8e30522 100644 --- a/include/tests_filesystems +++ b/include/tests_filesystems @@ -401,6 +401,29 @@ # ################################################################################# # + # Test : FILE-6363 + # Description : Check for sticky bit on /var/tmp + if [ -d ${ROOTDIR}var/tmp -a ! -L ${ROOTDIR}var/tmp ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="No /var/tmp or /var/tmp is symlinked"; fi + Register --test-no FILE-6363 --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Checking /var/tmp sticky bit" + if [ ${SKIPTEST} -eq 0 ]; then + # Depending on OS, number of field with 'tmp' differs + FIND=$(${LSBINARY} -ld ${ROOTDIR}var/tmp | ${AWKBINARY} '$1 ~ /[tT]/ { print 1 }') + if [ "${FIND}" = "1" ]; then + Display --indent 2 --text "- Checking ${ROOTDIR}var/tmp sticky bit" --result "${STATUS_OK}" --color GREEN + LogText "Result: sticky bit found on ${ROOTDIR}var/tmp directory" + AddHP 3 3 + else + Display --indent 2 --text "- Checking ${ROOTDIR}var/tmp sticky bit" --result "${STATUS_WARNING}" --color RED + ReportSuggestion ${TEST_NO} "Set the sticky bit on ${ROOTDIR}var/tmp, to prevent users deleting (by other owned) files in the /var/tmp directory." "/var/tmp" "text:Set sticky bit" + AddHP 0 3 + fi + unset FIND + else + LogText "Result: Sticky bit test (on /var/tmp) skipped. Possible reason: missing directory, or symlinked directory, or test skipped." + fi +# +################################################################################# +# # Test : FILE-6366 # Description : Check for noatime option # More info : especially useful for profile 'desktop' and 'server-storage' |