diff --git a/src/main.rs b/src/main.rs index 89ab0c5..f23e62f 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,6 +1,7 @@ -use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs}; +use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt}; use indicatif::{ProgressBar, ProgressState, ProgressStyle}; -use security_checker::{structs::Folder, get_home}; +use security_checker::{structs::{Folder, Perms}, get_home}; +use std::os::unix::fs::PermissionsExt; fn main() { // TODO: add support for other OSes @@ -25,21 +26,25 @@ fn main() { let (tx, rx) = mpsc::channel(); thread::spawn(move || { - let mut out = vec![]; + let mut out: Vec = vec![]; let folders = Folder::linux(); for mut folder in folders { folder.path = folder.path.replace('~', &get_home()[..]); // check if we have write perms for all of the folders, if so, push to out let md = fs::metadata(&folder.path).unwrap(); - let perms = md.permissions(); - let readonly = perms.readonly(); + let perms = md.permissions().mode(); + let string = format!("{perms:o}").chars().rev().take(3).collect::().chars().rev().collect::(); - println!("{readonly} - {}", folder.path); - if !readonly { - println!("can write to {}", folder.path); - out.push(folder) - } + println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone())); + let owner = md.uid(); + let group = md.gid(); + + // println!("{readonly} - {}", folder.path); + // if !readonly { + // println!("can write to {}", folder.path); + // out.push(folder) + // } }; tx.send(out) }); diff --git a/src/structs.rs b/src/structs.rs index 308251c..d94b9cb 100644 --- a/src/structs.rs +++ b/src/structs.rs @@ -1,3 +1,6 @@ +use std::fs; +use std::os::unix::fs::PermissionsExt; + pub struct Data { pub vulnerable_folders: Vec, pub pinged_home: bool, 
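Review bot: In the `thread::spawn` closure of src/main.rs nothing pushes to `out` any more now that the writability check is commented out, so `tx.send(out)` always delivers an empty list and the checker reports no writable folders whatever the modes are. The new `string`, `owner` and `group` bindings are computed and never read, and `Perms::from_unix_folder(folder.path.clone())` stats the same path a second time behind its own `unwrap()`. Until the owner/group comparison is written, I would keep a conservative check on the mode already in hand, for example `if perms & 0o002 != 0 { out.push(folder) }`, and delete the commented-out block rather than keep it in the file. `main` starts and ends outside this hunk.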
@@ -67,24 +70,76 @@ impl Folder {
 Folder {
 path: "/tmp".to_string(),
 r#type: FolderType::ApplicationData,
- contains: "Temporary Application Data".to_string()
+ contains: "Temporary Application Data".to_string(),
 },
 // user specific files
 Folder {
 path: "~/.config".to_string(),
 r#type: FolderType::ApplicationData,
- contains: "Permanent Application Data, Login Info".to_string()
+ contains: "Permanent Application Data, Login Info".to_string(),
 },
 Folder {
 path: "~/.local/share".to_string(),
 r#type: FolderType::ApplicationData,
- contains: String::from("Permanent Application Data, Login Info")
+ contains: String::from("Permanent Application Data, Login Info"),
 },
 Folder {
 path: "~/.cache".to_string(),
 r#type: FolderType::ApplicationData,
- contains: "Cached Data From Applications".to_string()
- }
+ contains: "Cached Data From Applications".to_string(),
+ },
 ]
 }
 }
+
+#[derive(Debug)]
+pub struct Perms {
+ pub owner: Vec,
+ pub group: Vec,
+ pub other: Vec,
+}
+
+#[derive(Debug)]
+pub enum FolderPerms {
+ Read,
+ Write,
+ Execute,
+}
+
+impl Perms {
+ pub fn from_unix_folder(path: String) -> Perms {
+ let md = fs::metadata(path).unwrap();
+ let perms = md.permissions().mode();
+ let string = format!("{perms:o}")
+ .chars()
+ .rev()
+ .take(3)
+ .collect::()
+ .chars()
+ .rev()
+ .collect::()
+ .chars()
+ .into_iter()
+ .collect::>();
+
+ Perms {
+ owner: Perms::num_to_perms(string[0].to_string().parse().unwrap()),
+ group: Perms::num_to_perms(string[1].to_string().parse().unwrap()),
+ other: Perms::num_to_perms(string[2].to_string().parse().unwrap()),
+ }
+ }
+
+ pub fn num_to_perms(num: u8) -> Vec {
+ match num {
+ 0 => vec![],
+ 1 => vec![FolderPerms::Execute],
+ 2 => vec![FolderPerms::Write],
+ 3 => vec![FolderPerms::Execute, FolderPerms::Write],
+ 4 => vec![FolderPerms::Read],
+ 5 => vec![FolderPerms::Read, FolderPerms::Execute],
+ 6 => vec![FolderPerms::Read, FolderPerms::Write],
+ 7 => vec![FolderPerms::Read, FolderPerms::Write, FolderPerms::Execute],
+ _ => 
panic!("not a valid perm number"),
+ }
+ }
+}
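Review bot: `Perms::from_unix_folder` keeps only the last three octal digits of the mode, which discards the sticky, setuid and setgid bits, so `/tmp` (usually world-writable with the sticky bit set) reads the same as an unprotected world-writable directory. The digits are also obtained by formatting the mode as a string, reversing it twice and parsing each character back, with `unwrap()` on both `fs::metadata` and `parse`, so an unreadable or missing path panics the caller. Shifting and masking the integer gives the same three values without the string round trip, and keeping `mode & 0o7000` somewhere in `Perms` would preserve the special bits; returning a `Result` instead of unwrapping would be a follow-up because it changes the signature. `num_to_perms` also lists case 3 as Execute, Write while every other arm is ordered Read, Write, Execute.

```rust
pub fn from_unix_folder(path: String) -> Perms {
    let md = fs::metadata(path).unwrap();
    let mode = md.permissions().mode();

    // One octal digit per class; masking with 0o7 keeps each value in the
    // 0..=7 range that num_to_perms accepts, so the cast cannot truncate.
    Perms {
        owner: Perms::num_to_perms(((mode >> 6) & 0o7) as u8),
        group: Perms::num_to_perms(((mode >> 3) & 0o7) as u8),
        other: Perms::num_to_perms((mode & 0o7) as u8),
    }
}
// … unchanged: num_to_perms …
```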