      1 #!/bin/bash
########################################################
#
# CHANGE ACTIVITY
#
#    10/01/04  Kris Wilson    RHEL4 only allows super user
#                               to use crontab.
#    12/03/04  Marty Ridgeway Pull RHEL4 tests out from script
########################################################
     11 
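# The tests below are negative tests and only mean something for an
# unprivileged account. When started as root, re-run this script as the
# user named in $1 and hand that run's exit status back to the caller.
iam=$(whoami)

if [ "$iam" = "root" ]; then
	if [ $# -lt 1 ] ; then
		echo Either do not run this script as root or start it like
		echo "  $0 <user>"
		exit 1
	fi

	# su -c takes a single string that the target user's shell parses again.
	# Quote each word so a script path or argument containing whitespace
	# reaches the re-executed script unchanged.
	reexec_cmd=$(printf '%q ' "$0" "$@")
	su "$1" -c "$reexec_cmd"
	exit $?
fi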
     24 
     25 #
     26 # 1. root einen cronjob unterjubeln
     27 #
     28 
     29 finalrc=0
     30 
     31 
     32 crontab -u root - << EOF
     33 0 * * * * true
     34 EOF
     35 
     36 rc=$?
     37 
     38 if [ $rc = "0" ]; then
     39 	echo root has now an interesting cron job
     40 	echo "crontab has a severe security breach (FAIL)"
     41 	echo
     42 	finalrc=1
     43 else
     44 	echo "Editing a crontab of another user failed successfully (PASS)"
     45 	echo
     46 fi
     47 
     48 
     49 #
     50 # 2. write some illegal crontabs
     51 #
     52 
     53 # Save crontab
     54 
     55 #crontab -l > /dev/null 2> /dev/null
     56 #if [ $? = "0" ]; then
     57 #	echo Saving current crontab...
     58 #	echo
     59 #	crontab -l > /tmp/save-crontab-`whoami`
     60 #	savedcrontab=1
     61 #	crontab -r
     62 #fi
     63 
     64 #for line in `cat cron_illegal_cron_lines | grep '^[^#]' | sed -e 's/[ \t][ \t]*/_/g'` ; do
     65 #	line=`echo $line | sed -e 's/_/ /g'`
     66 	# echo Line: "$line"
     67 #	cronconf=`echo "$line" | cut -f 1 -d '|'`
     68 #	desc=`echo "$line" | cut -f 2 -d '|'`
     69 
     70 #	echo "Test: $desc"
     71 #	echo "$cronconf true" | crontab -
     72 	# echo "$cronconf"
     73 #	if [ $? = "0" ]; then
     74 #		echo 'Test FAILED (or crontab returned wrong exit code)'
     75 #		echo 'crontab -l:'
     76 #		crontab -l
     77 #		finalrc=1
     78 #	fi
     79 #	echo
     80 #done
     81 
     82 
     83 # Test whether cron uses setuid correctly
     84 
     85 echo
     86 echo setuid test
     87 echo
     88 
     89 tmpscript=cron_neg01_test
     90 rm -rf $tmpscript.out >/dev/null 2>&1
     91 
     92 
     93 cat > /tmp/$tmpscript << EOF
     94 touch /root/halloichwarhier
     95 sleep 1
     96 cat /root/halloichwarhier ; echo "res:$?"
     97 rm /root/halloichwarhier
     98 EOF
     99 
    100 chmod 755 /tmp/$tmpscript
    101 
    102 #
    103 cronline=`date '+%M' | awk '{print ($1+2)%60 " * * * * "}'`
    104 (echo "$cronline /tmp/$tmpscript >> /tmp/$tmpscript.out 2>> /tmp/$tmpscript.out" ; \
    105  echo "$cronline /tmp/$tmpscript >> /$tmpscript.out 2>> /$tmpscript.out") \
    106  | crontab -
    107 
    108 echo "sleeping 130 secs..."
    109 sleep 130
    110 
    111 echo
    112 echo "Results:"
    113 if [ "1" = `cat /tmp/$tmpscript.out | grep "res:0" | wc -l` ]; then
    114 	echo "setuid test part 1 successfully failed (PASS)"
    115 else
    116 	echo "cron executed scripts have root privileges! (FAIL)"
    117 	finalrc=1
    118 fi
    119 
    120 CODE=0
    121 test -e /tmp/$tmpscript.out && CODE=1
    122 if [ $CODE = "1" ]; then
    123 	echo "setuid test part 2 successfully failed (PASS)"
    124 else
    125 	echo "cron writes script output with root privileges! (FAIL)"
    126 	finalrc=1
    127 fi
    128 echo
    129 
    130 rm /tmp/$tmpscript* >/dev/null 2>&1
    131 crontab -r
    132 
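# Restore crontab
#
# NOTE(review): in the script as shown, savedcrontab is assigned only in
# the commented-out save step, so it can reach this point set to 1 only
# through the caller's environment. The save file has a predictable name
# in /tmp, so it is installed only when it is a regular file (not a
# symlink) owned by the current user.

if [ "$savedcrontab" = "1" ]; then
	savefile=/tmp/save-crontab-$(whoami)
	echo "Restoring crontab..."
	if [ -f "$savefile" ] && [ ! -L "$savefile" ] && [ -O "$savefile" ]; then
		grep '^[^#]' "$savefile" | crontab -
	else
		echo "Not restoring crontab: $savefile is missing or not a regular file owned by this user" >&2
	fi
	# rm -r /tmp/save-crontab-`whoami`
fi

# Exit status: 0 when every check passed, 1 when any check failed.
exit $finalrc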
    142