grindmonkeh: (horns.)
[personal profile] grindmonkeh
ie. propellorheaded linux fodder.

This is a simple bash script I just wrote that finds world-writable files on our not-for-profit webserver and generates a nice report via e-mail to the devtards. Our web devs for a mystical reason like to chmod 777 entire directories. That's bad, kids.

find /home -type f -perm -o+w -exec ls -l {} \; > /var/log/wwreport.txt
cp /var/log/wwreportdescrip.txt /var/log/sendreport.txt
cat /var/log/wwreport.txt >> /var/log/sendreport.txt
mail -s "*NameofServer* Server World Writable File Report" < /var/log/sendreport.txt
mv /var/log/sendreport.txt /var/log/sendreport.txt.`eval date +%Y%m%d`

wwreport.txt is filled with the list of directory paths.
wwreportdescrip.txt has pre-existing text: "The following is a report of world writable files in the public_html directories of the *NameofServer* server. These files will need to be given the correct permissions within the next seven days to maintain server security or access to the site(s) in question will be suspended."

These are both wrapped up into sendreport.txt, it's mailed, and then the report is archived with the date.

99.9% of everybody everywhere will not give a rat's ass about any of this, but to the one person who understands the frustration of having devtards in-house... Here you go.

(no subject)

Date: 2010-09-10 10:38 pm (UTC)
From: [identity profile]
I have a similar script, it also does an egrep -i "password=|passwd=" (something like that) on any world readable file with the word "start" in its name. Sadly, it gets results.

(no subject)

Date: 2010-09-11 06:58 am (UTC)
From: [identity profile]
I'll look into that!

I actually spent my drive home from work today trying to think of a horrific fluffy spin on the Dunwich Horror and/or The Shadow Over Innsmouth and came up with NOTHING!


grindmonkeh: (Default)

September 2010

5678 9 1011
1213141516 1718

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Powered by Dreamwidth Studios