SadlyNotSappho
/
security-checker-automatic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

start working on perms

This commit is contained in:
SadlyNotSappho 2023-10-03 12:02:13 -07:00
parent eeaf79dc13
commit a933a287b5
2 changed files with 75 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/main.rs
View File

@ -1,6 +1,7 @@
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs};
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
use indicatif::{ProgressBar, ProgressState, ProgressStyle};
use security_checker::{structs::Folder, get_home};
use security_checker::{structs::{Folder, Perms}, get_home};
use std::os::unix::fs::PermissionsExt;
fn main() {
// TODO: add support for other OSes
@ -25,21 +26,25 @@ fn main() {
let (tx, rx) = mpsc::channel();
thread::spawn(move || {
let mut out = vec![];
let mut out: Vec<Folder> = vec![];
let folders = Folder::linux();
for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]);
// check if we have write perms for all of the folders, if so, push to out
let md = fs::metadata(&folder.path).unwrap();
let perms = md.permissions();
let readonly = perms.readonly();
let perms = md.permissions().mode();
let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
println!("{readonly} - {}", folder.path);
if !readonly {
println!("can write to {}", folder.path);
out.push(folder)
}
println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
let owner = md.uid();
let group = md.gid();
// println!("{readonly} - {}", folder.path);
// if !readonly {
// println!("can write to {}", folder.path);
// out.push(folder)
// }
};
tx.send(out)
});

65
src/structs.rs
View File

@ -1,3 +1,6 @@
use std::fs;
use std::os::unix::fs::PermissionsExt;
pub struct Data {
pub vulnerable_folders: Vec<Folder>,
pub pinged_home: bool,
@ -67,24 +70,76 @@ impl Folder {
Folder {
path: "/tmp".to_string(),
r#type: FolderType::ApplicationData,
contains: "Temporary Application Data".to_string()
contains: "Temporary Application Data".to_string(),
},
// user specific files
Folder {
path: "~/.config".to_string(),
r#type: FolderType::ApplicationData,
contains: "Permanent Application Data, Login Info".to_string()
contains: "Permanent Application Data, Login Info".to_string(),
},
Folder {
path: "~/.local/share".to_string(),
r#type: FolderType::ApplicationData,
contains: String::from("Permanent Application Data, Login Info")
contains: String::from("Permanent Application Data, Login Info"),
},
Folder {
path: "~/.cache".to_string(),
r#type: FolderType::ApplicationData,
contains: "Cached Data From Applications".to_string()
}
contains: "Cached Data From Applications".to_string(),
},
]
}
}
#[derive(Debug)]
pub struct Perms {
pub owner: Vec<FolderPerms>,
pub group: Vec<FolderPerms>,
pub other: Vec<FolderPerms>,
}
#[derive(Debug)]
pub enum FolderPerms {
Read,
Write,
Execute,
}
impl Perms {
pub fn from_unix_folder(path: String) -> Perms {
let md = fs::metadata(path).unwrap();
let perms = md.permissions().mode();
let string = format!("{perms:o}")
.chars()
.rev()
.take(3)
.collect::<String>()
.chars()
.rev()
.collect::<String>()
.chars()
.into_iter()
.collect::<Vec<char>>();
Perms {
owner: Perms::num_to_perms(string[0].to_string().parse().unwrap()),
group: Perms::num_to_perms(string[1].to_string().parse().unwrap()),
other: Perms::num_to_perms(string[2].to_string().parse().unwrap()),
}
}
pub fn num_to_perms(num: u8) -> Vec<FolderPerms> {
match num {
0 => vec![],
1 => vec![FolderPerms::Execute],
2 => vec![FolderPerms::Write],
3 => vec![FolderPerms::Execute, FolderPerms::Write],
4 => vec![FolderPerms::Read],
5 => vec![FolderPerms::Read, FolderPerms::Execute],
6 => vec![FolderPerms::Read, FolderPerms::Write],
7 => vec![FolderPerms::Read, FolderPerms::Write, FolderPerms::Execute],
_ => panic!("not a valid perm number"),
}
}
}