summaryrefslogtreecommitdiff
path: root/meta-security/recipes-security/redhat-security/files/find-chroot.sh
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/recipes-security/redhat-security/files/find-chroot.sh')
-rw-r--r--meta-security/recipes-security/redhat-security/files/find-chroot.sh93
1 files changed, 93 insertions, 0 deletions
diff --git a/meta-security/recipes-security/redhat-security/files/find-chroot.sh b/meta-security/recipes-security/redhat-security/files/find-chroot.sh
new file mode 100644
index 000000000..adce7fc8e
--- /dev/null
+++ b/meta-security/recipes-security/redhat-security/files/find-chroot.sh
@@ -0,0 +1,93 @@
+#!/bin/sh
+#
+# find-chroot utility
+# Copyright (c) 2011 Steve Grubb. ALL RIGHTS RESERVED.
+# sgrubb@redhat.com
+#
+# This software may be freely redistributed under the terms of the GNU
+# public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# This program looks for apps that use chroot(2) without using chdir(2)
+#
+# To save to file: ./find-chroot | sed -r "s/\x1B\[([0-9]{1,2}(;[0-9]{1,2})?)?[m|K]//g" | tee findings.txt
+
+libdirs="/lib /lib64 /usr/lib /usr/lib64"
+progdirs="/bin /sbin /usr/bin /usr/sbin /usr/libexec"
+FOUND=0
+
+# First param is which list to use, second is search pattern
+scan () {
+if [ "$1" = "1" ] ; then
+ dirs=$libdirs
+elif [ "$1" = "2" ] ; then
+ dirs=$progdirs
+elif [ "$1" = "3" ] ; then
+ dirs=$3
+fi
+
+for d in $dirs ; do
+ if [ ! -d $d ] ; then
+ continue
+ fi
+ files=`/usr/bin/find $d -name "$2" -type f 2>/dev/null`
+ for f in $files
+ do
+ syms=`/usr/bin/readelf -s $f 2>/dev/null | egrep ' chroot@.*GLIBC'`
+ if [ x"$syms" != "x" ] ; then
+ syms=`/usr/bin/readelf -s $f 2>/dev/null | egrep ' chdir@.*GLIBC'`
+ if [ x"$syms" = "x" ] ; then
+ if [ $FOUND = 0 ] ; then
+ printf "%-44s%s\n" "FILE" " PACKAGE"
+ FOUND=1
+ fi
+ # Red
+ printf "\033[31m%-44s\033[m" $f
+ #rpm -qf --queryformat "%{NAME}-%{VERSION}" $f
+ rpm -qf --queryformat " %{SOURCERPM}" $f
+ echo
+ else
+ # One last test to see if chdir is within 3
+ # lines of chroot
+ syms=`objdump -d $f | egrep callq | egrep 'chroot@plt' -A2 | egrep 'chroot|chdir'`
+ if [ x"$syms" = "x" ] ; then
+ syms=`echo $f | egrep -v 'libc-2|libc.so'`
+ if [ x"$syms" != "x" ] ; then
+ if [ $FOUND = 0 ] ; then
+ printf "%-44s%s\n" "FILE" "PACKAGE"
+ FOUND=1
+ fi
+ printf "\033[31m%-44s\033[m" $f
+ rpm -qf --queryformat " %{SOURCERPM}" $f
+ echo
+ fi
+ fi
+ fi
+ fi
+ done
+done
+}
+
+if [ $# -eq 1 ] ; then
+ if [ -d $1 ] ; then
+ scan 3 '*' $1
+ else
+ echo "Input is not a directory"
+ exit 1
+ fi
+else
+ scan 2 '*'
+ scan 1 '*.so'
+fi
+
+if [ $FOUND -eq 0 ] ; then
+ # Nothing to report, just exit
+ echo "No problems found" 1>&2
+ exit 0
+fi
+exit 1
+
+