#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
#     Please see the file `COPYING' for the complete copyright notice.
#
# sub/check_suid - 06/14/93
#
#-----------------------------------------------------------------------------
# This script is not runnable directly.
# 
inputfile="$1"

[ "$CONFIGURED_ALREADY" != "YES" ] && {
  echo "--ERROR-- [init008e] This script can not be run directly."
  exit 1
}

. $BASEDIR/initdefs

#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds RM FILECMD SGREP LS STRINGS SORT COMM CAT AWK || exit 1
  haveallfiles BASEDIR WORKDIR SUID_LIST || exit 1
  
  echo "--CONFIG-- [init003c] $0: Configuration ok..."
  exit 0
}

#------------------------------------------------------------------------
echo
echo "# Checking setuid executables..."

haveallfiles BASEDIR WORKDIR || exit 1

[ -n "$TigerCheckEmbedded" -a "x$Tiger_Embed_Check_SUID" = 'xY' ] && {
  while read file
  do
    $LS -lLd "$file" 2>/dev/null | {
      read p l owner rest
      [ "$owner" = root ] && echo "$file" >> $TigerCheckEmbedded
    }
  done
}

haveallcmds FILECMD LS SGREP STRINGS && {
  while read file
  do
    $FILECMD "$file" 2>/dev/null | $SGREP script 2>/dev/null && {
      message FAIL fsys001f "" "File $file is a setuid script:"
      $LS $LSGROUP -ld "$file"
    }

    case "$file" in
    *xterm) {
      message WARN misc013w "" "$file: see CERT Advisory CA-93:17 about a security hole in xterm."
    }
    ;;
    esac
  
    $STRINGS - "$file" 2>/dev/null |
    $SGREP '\.\./' 2>/dev/null && {
      $SGREP "$file" $REL_FILE_EXCP 2>/dev/null || {
	case "$file" in
	  */xload)
	  message WARN misc015w "" "$file appears to contain relative pathnames.  There is a known security vulnerability with xload in this configuration."
	  ;;
          *)
	  message WARN fsys002w "" "setuid program $file has relative pathnames."
          ;;
        esac
      }
    }
    getpermit "$file" |
    pathmsg . suidxxx "$file" . "Setuid file" ""
  done < $inputfile
  
  echo
}

haveallcmds SORT COMM CAT && {
  if [ -n "$SUID_LIST" -a -s "$SUID_LIST" ]; then
    $SORT $SUID_LIST |
    $COMM -23 $inputfile - > $WORKDIR/suid.list.$$
  else
    message CONFIG fsys003c "" 'No setuid list... listing all setuid files'
    $CAT $inputfile > $WORKDIR/suid.list.$$
  fi
}

haveallcmds LS AWK && {
  [ -s $WORKDIR/suid.list.$$ ] && {
    message INFO fsys004i "" 'The following setuid programs are non-standard:'
    while read file
    do
      $LS $LSGROUP -ld "$file"
    done < $WORKDIR/suid.list.$$ |
    $AWK '{printf("%10s %-8s %-8s %s\n", $1, $3, $4, $NF);}' |
    $SORT
    echo
  }
}

#
# Try to locate setuid copies of any executables we have signatures
# for.
#
haveallcmds SORT AWK COMM GREP LS SNEFRU &&
haveallfiles SIGNATURE_FILE && {
  $SORT $WORKDIR/suid.list.$$ > $WORKDIR/suid.$$
  $AWK '{print $3}' $SIGNATURE_FILE |
  $SORT |
  $COMM -13 - $WORKDIR/suid.$$ |
  while read file
  do
    loc_signature=
    case "$p1$p2$p3$p4$p5$p6$p7$p8" in
      *[!0-9a-f]*) {
	std_signature="$p1"
	comment="$p2 $p3 $p4 $p5 $p6 $p7 $p8 $comment"
	[ -n "$MD5" ] && loc_signature="`$MD5 < $file`"
      }
      ;;
      *) {
	std_signature=" $p1 $p2 $p3 $p4 $p5 $p6 $p7 $p8"
	[ -n "$SNEFRU" ] && loc_signature="`$SNEFRU < $file`"
      }
      ;;
    esac
    [ -n "$loc_signature" ] && {
      $GREP "$loc_signature" $SIGNATURE_FILE | {
	read flag msgid rfile p1 p2 p3 p4 p5 p6 p7 p8 comment
	[ -n "$rfile" -a "$file" != "$rfile" ] && {
	  message ALERT suid001a "" "\`$file' is a setuid copy of $rfile [$comment]."
	  $LS -ld $LSGROUP $file
	}
      }
    }
  done
}

delete $WORKDIR/suid.list.$$ $WORKDIR/suid.$$
