1 |
Use eqawarn instead of __vecho for visibility. |
2 |
|
3 |
Present the list of offending files newline-delimitered for consistency |
4 |
with other checks. |
5 |
--- |
6 |
bin/install-qa-check.d/90world-writable | 28 +++++++++++++++++++++------- |
7 |
1 file changed, 21 insertions(+), 7 deletions(-) |
8 |
|
9 |
diff --git a/bin/install-qa-check.d/90world-writable b/bin/install-qa-check.d/90world-writable |
10 |
index 771027e..ff186c5 100644 |
11 |
--- a/bin/install-qa-check.d/90world-writable |
12 |
+++ b/bin/install-qa-check.d/90world-writable |
13 |
@@ -2,21 +2,35 @@ |
14 |
|
15 |
world_writable_check() { |
16 |
# Now we look for all world writable files. |
17 |
- local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${ED}:- :") |
18 |
+ local unsafe_files=$(find "${ED}" -type f -perm -2 | sed -e "s:^${ED}:/:") |
19 |
+ local OLDIFS x |
20 |
+ |
21 |
+ OLDIFS=$IFS |
22 |
+ IFS=$'\n' |
23 |
+ |
24 |
if [[ -n ${unsafe_files} ]] ; then |
25 |
- __vecho "QA Security Notice: world writable file(s):" |
26 |
- __vecho "${unsafe_files}" |
27 |
- __vecho "- This may or may not be a security problem, most of the time it is one." |
28 |
- __vecho "- Please double check that $PF really needs a world writeable bit and file bugs accordingly." |
29 |
- sleep 1 |
30 |
+ eqawarn "QA Security Notice: world writable file(s):" |
31 |
+ |
32 |
+ for x in $unsafe_files ; do |
33 |
+ eqawarnlog world-writable $x |
34 |
+ done |
35 |
+ |
36 |
+ eqawarn "This may or may not be a security problem, most of the time it is one." |
37 |
+ eqawarn "Please double check that $PF really needs a world writeable bit and file bugs accordingly." |
38 |
+ eqawarn |
39 |
fi |
40 |
|
41 |
local unsafe_files=$(find "${ED}" -type f '(' -perm -2002 -o -perm -4002 ')' | sed -e "s:^${ED}:/:") |
42 |
if [[ -n ${unsafe_files} ]] ; then |
43 |
eqawarn "QA Notice: Unsafe files detected (set*id and world writable)" |
44 |
- eqawarn "${unsafe_files}" |
45 |
+ |
46 |
+ for x in $unsafe_files ; do |
47 |
+ eqawarnlog world-writable-setid $x |
48 |
+ done |
49 |
die "Unsafe files found in \${D}. Portage will not install them." |
50 |
fi |
51 |
+ |
52 |
+ IFS=OLDIFS |
53 |
} |
54 |
|
55 |
world_writable_check |
56 |
-- |
57 |
2.0.4 |