start working on perms
parent
eeaf79dc13
commit
a933a287b5
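--- a/src/main.rs
+++ b/src/main.rs
@@ -1,6 +1,7 @@
-use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs};
+use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
 use indicatif::{ProgressBar, ProgressState, ProgressStyle};
-use security_checker::{structs::Folder, get_home};
+use security_checker::{structs::{Folder, Perms}, get_home};
+use std::os::unix::fs::PermissionsExt;
 
 fn main() {
 // TODO: add support for other OSes
@@ -25,21 +26,25 @@ fn main() {
 let (tx, rx) = mpsc::channel();
 
 thread::spawn(move || {
-let mut out = vec![];
+let mut out: Vec<Folder> = vec![];
 let folders = Folder::linux();
 for mut folder in folders {
 folder.path = folder.path.replace('~', &get_home()[..]);
 
 // check if we have write perms for all of the folders, if so, push to out
 let md = fs::metadata(&folder.path).unwrap();
-let perms = md.permissions();
-let readonly = perms.readonly();
+let perms = md.permissions().mode();
+let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
 
-println!("{readonly} - {}", folder.path);
-if !readonly {
-println!("can write to {}", folder.path);
-out.push(folder)
-}
+println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
+let owner = md.uid();
+let group = md.gid();
+
+// println!("{readonly} - {}", folder.path);
+// if !readonly {
+// println!("can write to {}", folder.path);
+// out.push(folder)
+// }
 };
 tx.send(out)
 });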
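Review bot: With the `if !readonly { … out.push(folder) }` block commented out, nothing is ever pushed to `out`, so `tx.send(out)` now always delivers an empty `Vec<Folder>` and the receiving side will presumably report no writable folders whatever the real permissions are. Until the owner/group/other test exists, either keep the old push or mark the gap at the send, e.g. `// FIXME(perms): out stays empty until the uid/gid check replaces readonly()`. The new `string`, `owner` and `group` bindings are unused, and `Perms::from_unix_folder(folder.path.clone())` stats the same path a second time right after `fs::metadata(&folder.path)`, so the two results can disagree if the directory changes in between; deriving the `Perms` from the `md` already in hand would avoid that. `main` starts and ends outside the hunk.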
|
@ -1,3 +1,6 @@
|
||||||
|
use std::fs;
|
||||||
|
use std::os::unix::fs::PermissionsExt;
|
||||||
|
|
||||||
pub struct Data {
|
pub struct Data {
|
||||||
pub vulnerable_folders: Vec<Folder>,
|
pub vulnerable_folders: Vec<Folder>,
|
||||||
pub pinged_home: bool,
|
pub pinged_home: bool,
|
||||||
|
@ -67,24 +70,76 @@ impl Folder {
|
||||||
Folder {
|
Folder {
|
||||||
path: "/tmp".to_string(),
|
path: "/tmp".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
r#type: FolderType::ApplicationData,
|
||||||
contains: "Temporary Application Data".to_string()
|
contains: "Temporary Application Data".to_string(),
|
||||||
},
|
},
|
||||||
// user specific files
|
// user specific files
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.config".to_string(),
|
path: "~/.config".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
r#type: FolderType::ApplicationData,
|
||||||
contains: "Permanent Application Data, Login Info".to_string()
|
contains: "Permanent Application Data, Login Info".to_string(),
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.local/share".to_string(),
|
path: "~/.local/share".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
r#type: FolderType::ApplicationData,
|
||||||
contains: String::from("Permanent Application Data, Login Info")
|
contains: String::from("Permanent Application Data, Login Info"),
|
||||||
},
|
},
|
||||||
Folder {
|
Folder {
|
||||||
path: "~/.cache".to_string(),
|
path: "~/.cache".to_string(),
|
||||||
r#type: FolderType::ApplicationData,
|
r#type: FolderType::ApplicationData,
|
||||||
contains: "Cached Data From Applications".to_string()
|
contains: "Cached Data From Applications".to_string(),
|
||||||
}
|
},
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
pub struct Perms {
|
||||||
|
pub owner: Vec<FolderPerms>,
|
||||||
|
pub group: Vec<FolderPerms>,
|
||||||
|
pub other: Vec<FolderPerms>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
pub enum FolderPerms {
|
||||||
|
Read,
|
||||||
|
Write,
|
||||||
|
Execute,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl Perms {
|
||||||
|
pub fn from_unix_folder(path: String) -> Perms {
|
||||||
|
let md = fs::metadata(path).unwrap();
|
||||||
|
let perms = md.permissions().mode();
|
||||||
|
let string = format!("{perms:o}")
|
||||||
|
.chars()
|
||||||
|
.rev()
|
||||||
|
.take(3)
|
||||||
|
.collect::<String>()
|
||||||
|
.chars()
|
||||||
|
.rev()
|
||||||
|
.collect::<String>()
|
||||||
|
.chars()
|
||||||
|
.into_iter()
|
||||||
|
.collect::<Vec<char>>();
|
||||||
|
|
||||||
|
Perms {
|
||||||
|
owner: Perms::num_to_perms(string[0].to_string().parse().unwrap()),
|
||||||
|
group: Perms::num_to_perms(string[1].to_string().parse().unwrap()),
|
||||||
|
other: Perms::num_to_perms(string[2].to_string().parse().unwrap()),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn num_to_perms(num: u8) -> Vec<FolderPerms> {
|
||||||
|
match num {
|
||||||
|
0 => vec![],
|
||||||
|
1 => vec![FolderPerms::Execute],
|
||||||
|
2 => vec![FolderPerms::Write],
|
||||||
|
3 => vec![FolderPerms::Execute, FolderPerms::Write],
|
||||||
|
4 => vec![FolderPerms::Read],
|
||||||
|
5 => vec![FolderPerms::Read, FolderPerms::Execute],
|
||||||
|
6 => vec![FolderPerms::Read, FolderPerms::Write],
|
||||||
|
7 => vec![FolderPerms::Read, FolderPerms::Write, FolderPerms::Execute],
|
||||||
|
_ => panic!("not a valid perm number"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
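Review bot: `from_unix_folder` keeps only the last three octal digits of `mode()`, so the setuid/setgid/sticky digit is discarded; for the `/tmp` entry in the folder list the sticky bit is what restricts deletion in a world-writable directory to the file's owner, so a permissions checker probably wants to record it rather than drop it. The string round-trip can be replaced by masks, e.g. `owner: Perms::num_to_perms(((perms >> 6) & 0o7) as u8)`, with `>> 3` for group and no shift for other, which removes the three `parse().unwrap()` calls and makes the `_ => panic!` arm unreachable. `fs::metadata(path).unwrap()` panics when a listed folder is missing or unreadable; returning `std::io::Result<Perms>` would let the caller skip such entries. `Perms`, `FolderPerms` and both methods are public and would benefit from `///` comments stating that only the rwx triplets are decoded. The `impl Perms` block is complete inside the hunk; `impl Folder` starts outside it.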