start working on perms

SadlyNotSappho 2023-10-03 12:02:13 -07:00
parent eeaf79dc13
commit a933a287b5
2 changed files with 75 additions and 15 deletions


@ -1,6 +1,7 @@
use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs}; use std::{fmt::Write, thread, time::Duration, sync::mpsc, process, fs, os::unix::prelude::MetadataExt};
use indicatif::{ProgressBar, ProgressState, ProgressStyle}; use indicatif::{ProgressBar, ProgressState, ProgressStyle};
use security_checker::{structs::Folder, get_home}; use security_checker::{structs::{Folder, Perms}, get_home};
use std::os::unix::fs::PermissionsExt;
fn main() { fn main() {
// TODO: add support for other OSes // TODO: add support for other OSes
@ -25,21 +26,25 @@ fn main() {
let (tx, rx) = mpsc::channel(); let (tx, rx) = mpsc::channel();
thread::spawn(move || { thread::spawn(move || {
let mut out = vec![]; let mut out: Vec<Folder> = vec![];
let folders = Folder::linux(); let folders = Folder::linux();
for mut folder in folders { for mut folder in folders {
folder.path = folder.path.replace('~', &get_home()[..]); folder.path = folder.path.replace('~', &get_home()[..]);
// check if we have write perms for all of the folders, if so, push to out // check if we have write perms for all of the folders, if so, push to out
let md = fs::metadata(&folder.path).unwrap(); let md = fs::metadata(&folder.path).unwrap();
let perms = md.permissions(); let perms = md.permissions().mode();
let readonly = perms.readonly(); let string = format!("{perms:o}").chars().rev().take(3).collect::<String>().chars().rev().collect::<String>();
println!("{readonly} - {}", folder.path); println!("{}: {:?}", folder.path, Perms::from_unix_folder(folder.path.clone()));
if !readonly { let owner = md.uid();
println!("can write to {}", folder.path); let group = md.gid();
out.push(folder)
} // println!("{readonly} - {}", folder.path);
// if !readonly {
// println!("can write to {}", folder.path);
// out.push(folder)
// }
}; };
tx.send(out) tx.send(out)
}); });
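Review bot: With the `out.push(folder)` branch commented out at the end of the loop, nothing is ever added to `out`, so `tx.send(out)` always delivers an empty list and the checker would report no writable folders whatever the real modes are. Until the new check is wired in, mark the gap explicitly, for example `// TODO: decide writability from Perms + owner/group, then out.push(folder)`. The `string`, `owner` and `group` bindings are computed but not used in the visible lines, and `Perms::from_unix_folder` stats the same path a second time; passing the already-fetched `md` would avoid the duplicate call and the window between the two. The mode bits only answer "can this process write" once `md.uid()`/`md.gid()` are compared with the process's own ids, which is presumably the next step. The closure and `main` continue outside the hunk.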


@ -1,3 +1,6 @@
use std::fs;
use std::os::unix::fs::PermissionsExt;
pub struct Data { pub struct Data {
pub vulnerable_folders: Vec<Folder>, pub vulnerable_folders: Vec<Folder>,
pub pinged_home: bool, pub pinged_home: bool,
@ -67,24 +70,76 @@ impl Folder {
Folder { Folder {
path: "/tmp".to_string(), path: "/tmp".to_string(),
r#type: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Temporary Application Data".to_string() contains: "Temporary Application Data".to_string(),
}, },
// user specific files // user specific files
Folder { Folder {
path: "~/.config".to_string(), path: "~/.config".to_string(),
r#type: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Permanent Application Data, Login Info".to_string() contains: "Permanent Application Data, Login Info".to_string(),
}, },
Folder { Folder {
path: "~/.local/share".to_string(), path: "~/.local/share".to_string(),
r#type: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: String::from("Permanent Application Data, Login Info") contains: String::from("Permanent Application Data, Login Info"),
}, },
Folder { Folder {
path: "~/.cache".to_string(), path: "~/.cache".to_string(),
r#type: FolderType::ApplicationData, r#type: FolderType::ApplicationData,
contains: "Cached Data From Applications".to_string() contains: "Cached Data From Applications".to_string(),
} },
] ]
} }
} }
#[derive(Debug)]
pub struct Perms {
pub owner: Vec<FolderPerms>,
pub group: Vec<FolderPerms>,
pub other: Vec<FolderPerms>,
}
#[derive(Debug)]
pub enum FolderPerms {
Read,
Write,
Execute,
}
impl Perms {
pub fn from_unix_folder(path: String) -> Perms {
let md = fs::metadata(path).unwrap();
let perms = md.permissions().mode();
let string = format!("{perms:o}")
.chars()
.rev()
.take(3)
.collect::<String>()
.chars()
.rev()
.collect::<String>()
.chars()
.into_iter()
.collect::<Vec<char>>();
Perms {
owner: Perms::num_to_perms(string[0].to_string().parse().unwrap()),
group: Perms::num_to_perms(string[1].to_string().parse().unwrap()),
other: Perms::num_to_perms(string[2].to_string().parse().unwrap()),
}
}
pub fn num_to_perms(num: u8) -> Vec<FolderPerms> {
match num {
0 => vec![],
1 => vec![FolderPerms::Execute],
2 => vec![FolderPerms::Write],
3 => vec![FolderPerms::Execute, FolderPerms::Write],
4 => vec![FolderPerms::Read],
5 => vec![FolderPerms::Read, FolderPerms::Execute],
6 => vec![FolderPerms::Read, FolderPerms::Write],
7 => vec![FolderPerms::Read, FolderPerms::Write, FolderPerms::Execute],
_ => panic!("not a valid perm number"),
}
}
}
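Review bot: `from_unix_folder` keeps only the last three octal digits of `mode()`, so the setuid, setgid and sticky bits are discarded; `/tmp` from the folder list is normally sticky and world-writable, and in `Perms` it will look the same as a plain world-writable directory. Masking the integer directly is shorter and drops the string round-trip and the three `parse().unwrap()` calls, e.g. `owner: Perms::num_to_perms(((perms >> 6) & 0o7) as u8)` with shifts of 3 and 0 for group and other, and `perms & 0o7000` can be kept for the special bits. `fs::metadata(path).unwrap()` will panic on a missing or unreadable path (`~/.cache` need not exist), so returning `std::io::Result<Perms>` would let the caller skip that folder instead of aborting the scan. `fs::metadata` also follows symlinks, so the result describes the link target; that deserves a doc comment on the function.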