INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

UNIX PATH directory checking

UNIX PATH directory checking

(OP)
Hi all,

I am trying to come up with the simplest way to parse root's path and then examine whether or not each directory is world writable or not. So far this works fine in listing the PATH names:-

for DIR in `su - root -c "echo $PATH"| tr ':' ' '`
do
ls -lLd $DIR
done

This lists:-

drwxr-xr-x 3 bin bin 36864 May 23 2011 /usr/bin
drwxr-xr-x 35 root system 16384 Jun 29 00:00 /etc
drwxr-xr-x 6 bin bin 45056 May 23 2011 /usr/sbin
drwxr-xr-x 2 bin bin 4096 Jan 28 2010 /usr/ucb
drwxr-xr-x 2 bin bin 4096 Jan 28 2010 /usr/bin/X11
drwxr-xr-x 3 bin bin 256 Jan 28 2010 /sbin
drwxr-xr-x 7 bin bin 4096 Dec 17 2009 /usr/java5/jre/bin
drwxr-xr-x 2 bin bin 4096 Dec 17 2009 /usr/java5/bin
drwxr-xr-x 3 bin bin 36864 May 23 2011 /usr/bin
drwxr-xr-x 37 bin bin 4096 Mar 14 13:08 /var

Problem is that while these are the paths I need to think of a way to navigate up each path and check the parent directory as well. In this example /usr/bin is fine, but if /usr is world writable then there is a problem, same is true if /usr is ok, but / is world writable. Can anyone think of a good way to do this, it is giving me a headache!

Thanks

Paul

PSD
IBM Certified Specialist - AIX V4.3 Systems Support
IBM Certified Specialist - AIX V4 HACMP

RE: UNIX PATH directory checking

Something like this maybe?

CODE

#!/bin/ksh

print ${PATH} | tr ':' '\n' | while read DIR
do
    DIR=${DIR:-$(pwd)}

    print "Checking ${DIR}"

    while [[ -d ${DIR} ]]
    do
        [[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print "   ${DIR} is world writable" || print "   ${DIR} is OK"

        DIR=${DIR%/*}
    done
done 

RE: UNIX PATH directory checking

Or, for root's PATH...

CODE

#!/bin/ksh

su - root -c "echo ${PATH}" | tr ':' '\n' | while read DIR
do
    DIR=${DIR:-$(pwd)}

    print "Checking ${DIR}"

    while [[ -d ${DIR} ]]
    do
        [[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print "   ${DIR} is world writable" || print "   ${DIR} is OK"

        DIR=${DIR%/*}
    done
done 

RE: UNIX PATH directory checking

(OP)
Thanks Sam,

That was a very good idea - have a star. I have ended up with this (adding in a check also for group writable directories). It does not traverse all the way up to "/" so I also hardcoded that into the script. Let me know if you think it could be made more efficient:-

#!/bin/ksh
su - root -c "echo ${PATH}" | tr ':' '\n' | while read DIR
do
DIR=${DIR:-$(pwd)}
print "Checking ${DIR}"
while [[ -d ${DIR} ]]
do
[[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print " WARNING ${DIR} is world writable" || print " ${DIR} is not world writable"
[[ "$(ls -ld ${DIR})" = @(d????w???? *) ]] && print " WARNING ${DIR} is group writable" || print " ${DIR} is not group writable"
DIR=${DIR%/*}
done
done

DIR="/"
print "Checking ${DIR}"
[[ "$(ls -ld ${DIR})" = @(d???????w? *) ]] && print " WARNING ${DIR} is world writable" || print " ${DIR} is not world writable"
[[ "$(ls -ld ${DIR})" = @(d????w???? *) ]] && print " WARNING ${DIR} is group writable" || print " ${DIR} is not group writable"

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close