audit: checking files

author: netblue30 <netblue30@yahoo.com> 2016-07-03 09:33:17 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-07-03 09:33:17 -0400
commit: 5c85f2e8eef026fe8463500383a0e61f346d610c (patch)
tree: 3bfeefcda47d8d97f616dee5b119d0a1403e5cd6 /src/faudit/files.c
parent: audit: seccomp (diff)
download: firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.tar.gz
firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.tar.zst
firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.zip
1 files changed, 73 insertions, 0 deletions
diff --git a/src/faudit/files.c b/src/faudit/files.c
new file mode 100644
index 000000000..0463af66d
--- /dev/null
+++ b/src/faudit/files.c
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2014-2016 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "faudit.h"
+#include <fcntl.h>
+#include <pwd.h>
+static char *username = NULL;
+static char *homedir = NULL;
+static void check_home_file(const char *name) {
+        assert(homedir);
+        
+        char *fname;
+        if (asprintf(&fname, "%s/%s", homedir, name) ==  -1)
+                errExit("asprintf");
+        if (access(fname, R_OK) == 0)
+                printf("UGLY: I can access files in %s directory\n", fname);
+        else
+                printf("GOOD: I cannot access files in %s directory\n", fname);
+        
+        free(fname);
+}
+void files_test(void) {
+        struct passwd *pw = getpwuid(getuid());
+        if (!pw) {
+                fprintf(stderr, "Error: cannot retrive user account information\n");
+                return;
+        }
+        
+        username = strdup(pw->pw_name);
+        if (!username)
+                errExit("strdup");
+        homedir = strdup(pw->pw_dir);
+        if (!homedir)
+                errExit("strdup");
+        
+        // check access to .ssh directory
+        check_home_file(".ssh");
+        // check access to .gnupg directory
+        check_home_file(".gnupg");
+        // check access to Firefox browser directory
+        check_home_file(".mozilla");
+        // check access to Chromium browser directory
+        check_home_file(".config/chromium");
+        
+        // check access to Debian Icedove directory
+        check_home_file(".icedove");
+        
+        // check access to Thunderbird directory
+        check_home_file(".thunderbird");
+}
author	netblue30 <netblue30@yahoo.com>	2016-07-03 09:33:17 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-07-03 09:33:17 -0400
commit	5c85f2e8eef026fe8463500383a0e61f346d610c (patch)
tree	3bfeefcda47d8d97f616dee5b119d0a1403e5cd6 /src/faudit/files.c
parent	audit: seccomp (diff)
download	firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.tar.gz firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.tar.zst firejail-5c85f2e8eef026fe8463500383a0e61f346d610c.zip

diff --git a/src/faudit/files.c b/src/faudit/files.c new file mode 100644 index 000000000..0463af66d --- /dev/null +++ b/src/faudit/files.c
@@ -0,0 +1,73 @@
	1	/*
	2	* Copyright (C) 2014-2016 Firejail Authors
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20	#include "faudit.h"
	21	#include <fcntl.h>
	22	#include <pwd.h>
	23
	24	static char *username = NULL;
	25	static char *homedir = NULL;
	26
	27	static void check_home_file(const char *name) {
	28	assert(homedir);
	29
	30	char *fname;
	31	if (asprintf(&fname, "%s/%s", homedir, name) == -1)
	32	errExit("asprintf");
	33
	34	if (access(fname, R_OK) == 0)
	35	printf("UGLY: I can access files in %s directory\n", fname);
	36	else
	37	printf("GOOD: I cannot access files in %s directory\n", fname);
	38
	39	free(fname);
	40	}
	41
	42	void files_test(void) {
	43	struct passwd *pw = getpwuid(getuid());
	44	if (!pw) {
	45	fprintf(stderr, "Error: cannot retrive user account information\n");
	46	return;
	47	}
	48
	49	username = strdup(pw->pw_name);
	50	if (!username)
	51	errExit("strdup");
	52	homedir = strdup(pw->pw_dir);
	53	if (!homedir)
	54	errExit("strdup");
	55
	56	// check access to .ssh directory
	57	check_home_file(".ssh");
	58
	59	// check access to .gnupg directory
	60	check_home_file(".gnupg");
	61
	62	// check access to Firefox browser directory
	63	check_home_file(".mozilla");
	64
	65	// check access to Chromium browser directory
	66	check_home_file(".config/chromium");
	67
	68	// check access to Debian Icedove directory
	69	check_home_file(".icedove");
	70
	71	// check access to Thunderbird directory
	72	check_home_file(".thunderbird");
	73	}