Page MenuHomeFreeBSD
Differential D15904 Diff 44674 head/Mk/Scripts/security-check.awk

Changeset View

Standalone View

View Options

head/Mk/Scripts/security-check.awk

BEGIN { BEGIN {
file = ""; file = "";
split("", stupid_binaries); split("", stupid_binaries);
split("", network_binaries); split("", network_binaries);
split("", setuid_binaries); split("", setuid_binaries);
split("", writable_files); split("", writable_files);
split("", startup_scripts); split("", startup_scripts);
header_printed = 0; header_printed = 0;
} }
FILENAME ~ /\.flattened$/ { FILENAME ~ /\.flattened$/ {
if ($0 ~ /(^|\/)etc\/rc\.d\//) if ($0 ~ /(^|\/)etc\/rc\.d\//)
startup_scripts[$0] = 1; startup_scripts[$0] = 1;
} }
FILENAME ~ /\.objdump$/ { FILENAME ~ /\.readelf$/ {
if (match($0, /: +file format [^ ]+$/)) { if (match($0, /^File:/)) {
file = substr($0, 1, RSTART - 1); file = substr($0, 7);
next; next;
} }
if (file == "") if (file == "")
next; next;
if ($3 ~ /^(gets|mktemp|tempnam|tmpnam)$/ || if ($5 ~ /^(gets|mktemp|tempnam|tmpnam)$/ ||
($3 ~ /^(strcpy|strcat|sprintf)$/ && audit != "")) ($5 ~ /^(strcpy|strcat|sprintf)$/ && audit != ""))
stupid_binaries[file] = stupid_binaries[file] " " $3; stupid_binaries[file] = stupid_binaries[file] " " $5;
if ($3 ~ /^(accept|recvfrom)$/) if ($5 ~ /^(accept|recvfrom)$/)
network_binaries[file] = 1; network_binaries[file] = 1;
} }
FILENAME ~ /\.setuid$/ { setuid_binaries[$0] = 1; } FILENAME ~ /\.setuid$/ { setuid_binaries[$0] = 1; }
FILENAME ~ /\.writable$/ { writable_files[$0] = 1; } FILENAME ~ /\.writable$/ { writable_files[$0] = 1; }
function print_header() { function print_header() {
if (header_printed) if (header_printed)
return; return;
if (audit != "") if (audit != "")
▲ Show 20 LinesShow All 63 LinesShow Last 20 Lines