UNIX PATH directory checking 2

[PSD]

Hi all,

I am trying to come up with the simplest way to parse root's path and then examine whether or not each directory is world writable or not. So far this works fine in listing the PATH names:-

for DIR in `su - root -c "echo $PATH"| tr ':' ' '`
do
ls -lLd $DIR
done

This lists:-

drwxr-xr-x 3 bin bin 36864 May 23 2011 /usr/bin
drwxr-xr-x 35 root system 16384 Jun 29 00:00 /etc
drwxr-xr-x 6 bin bin 45056 May 23 2011 /usr/sbin
drwxr-xr-x 2 bin bin 4096 Jan 28 2010 /usr/ucb
drwxr-xr-x 2 bin bin 4096 Jan 28 2010 /usr/bin/X11
drwxr-xr-x 3 bin bin 256 Jan 28 2010 /sbin
drwxr-xr-x 7 bin bin 4096 Dec 17 2009 /usr/java5/jre/bin
drwxr-xr-x 2 bin bin 4096 Dec 17 2009 /usr/java5/bin
drwxr-xr-x 3 bin bin 36864 May 23 2011 /usr/bin
drwxr-xr-x 37 bin bin 4096 Mar 14 13:08 /var

Problem is that while these are the paths I need to think of a way to navigate up each path and check the parent directory as well. In this example /usr/bin is fine, but if /usr is world writable then there is a problem, same is true if /usr is ok, but / is world writable. Can anyone think of a good way to do this, it is giving me a headache!

Thanks

Paul

PSD
IBM Certified Specialist - AIX V4.3 Systems Support
IBM Certified Specialist - AIX V4 HACMP

 

[SamBones]

Something like this maybe?

#!/bin/ksh

print ${PATH} | tr ':' '\n' | while read DIR
do
    DIR=${DIR:-$(pwd)}

    print "Checking ${DIR}"

    while [[ -d ${DIR} ]]
    do
        [[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print "   ${DIR} is world writable" || print "   ${DIR} is OK"

        DIR=${DIR%/*}
    done
done

 

[SamBones]

Or, for [tt]root[/tt]'s [tt]PATH[/tt]...

#!/bin/ksh

su - root -c "echo ${PATH}" | tr ':' '\n' | while read DIR
do
    DIR=${DIR:-$(pwd)}

    print "Checking ${DIR}"

    while [[ -d ${DIR} ]]
    do
        [[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print "   ${DIR} is world writable" || print "   ${DIR} is OK"

        DIR=${DIR%/*}
    done
done

 

[PSD]

Thanks Sam,

That was a very good idea - have a star. I have ended up with this (adding in a check also for group writable directories). It does not traverse all the way up to "/" so I also hardcoded that into the script. Let me know if you think it could be made more efficient:-

#!/bin/ksh
su - root -c "echo ${PATH}" | tr ':' '\n' | while read DIR
do
DIR=${DIR:-$(pwd)}
print "Checking ${DIR}"
while [[ -d ${DIR} ]]
do
[[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print " WARNING ${DIR} is world writable" || print " ${DIR} is not world writable"
[[ "$(ls -ld ${DIR})" = @(d????w???? *) ]] && print " WARNING ${DIR} is group writable" || print " ${DIR} is not group writable"
DIR=${DIR%/*}
done
done

DIR="/"
print "Checking ${DIR}"
[[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print " WARNING ${DIR} is world writable" || print " ${DIR} is not world writable"
[[ "$(ls -ld ${DIR})" = @(d????w???? *) ]] && print " WARNING ${DIR} is group writable" || print " ${DIR} is not group writable

 

[PHV]

It does not traverse all the way up to "/"
su - root -c [!]'[/!]echo [!]/:[/!]${PATH}[!]'[/!] | tr ':' '\n' | while read DIR

Hope This Helps, PH.
FAQ219-2884
FAQ181-2886