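#!/bin/bash
########################################################
#
# Negative tests for cron, meant to run as an unprivileged user:
#   - the user must not be able to replace root's crontab
#   - jobs from the user's crontab must not run, or have their
#     output written, with root privileges
#
# Usage: as a normal user, run the script without arguments.
#        As root, run "$0 <user>"; the script re-runs itself
#        as <user> through su.
#
# CHANGE ACTIVITY
#
#    10/01/04  Kris Wilson    RHEL4 only allows super user
#                               to use crontab.
#    12/03/04  Marty Ridgeway Pull RHEL4 tests out from script
########################################################

iam=$(whoami)

if [ "$iam" = "root" ]; then
	if [ $# -lt 1 ] ; then
		echo Either do not run this script as root or start it like
		echo "  $0 <user>"
		exit 1
	fi

	# Re-running as root would land in this branch again and recurse
	# through su without end, and the checks below say nothing when
	# they are executed with root privileges.
	if [ "$1" = "root" ]; then
		echo "$0: <user> must be an unprivileged account, not root"
		exit 1
	fi

	# Hand over to <user>. The command string is parsed again by that
	# user's shell, so a script path or arguments containing spaces or
	# shell metacharacters are not passed through literally.
	su "$1" -c "$0 $*"
	exit $?
fi
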
#
# 1. Try to slip a cron job into root's crontab
#
# An unprivileged user must not be able to install a crontab for another
# account, so "crontab -u root" is expected to fail here.
# NOTE(review): when the command does succeed, root's previous crontab has
# already been replaced by the line below and nothing here restores it.

finalrc=0

crontab -u root - << EOF
0 * * * * true
EOF
rc=$?

case "$rc" in
0)
	# crontab accepted the new table for root: the negative test failed.
	echo "root has now an interesting cron job"
	echo "crontab has a severe security breach (FAIL)"
	echo
	finalrc=1
	;;
*)
	# Any non-zero status counts as the expected refusal.
	echo "Editing a crontab of another user failed successfully (PASS)"
	echo
	;;
esac

#
# 2. write some illegal crontabs
#    (currently disabled: everything in this section is commented out)
#

# Save crontab

#crontab -l > /dev/null 2> /dev/null
#if [ $? = "0" ]; then
#	echo Saving current crontab...
#	echo
#	crontab -l > /tmp/save-crontab-`whoami`
#	savedcrontab=1
#	crontab -r
#fi

#for line in `cat cron_illegal_cron_lines | grep '^[^#]' | sed -e 's/[ \t][ \t]*/_/g'` ; do
#	line=`echo $line | sed -e 's/_/ /g'`
	# echo Line: "$line"
#	cronconf=`echo "$line" | cut -f 1 -d '|'`
#	desc=`echo "$line" | cut -f 2 -d '|'`

#	echo "Test: $desc"
#	echo "$cronconf true" | crontab -
	# echo "$cronconf"
#	if [ $? = "0" ]; then
#		echo 'Test FAILED (or crontab returned wrong exit code)'
#		echo 'crontab -l:'
#		crontab -l
#		finalrc=1
#	fi
#	echo
#done


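# Test whether cron uses setuid correctly
#
# Two jobs are added to the invoking user's crontab. Both run a small script
# that tries to create and read a file under /root and then prints
# "res:<exit status of the read>":
#   part 1 - output goes to a file the user owns; a "res:0" line in it means
#            the read of /root worked, i.e. the job ran with root privileges.
#   part 2 - output is redirected to a file directly under /, which can only
#            appear if the redirection itself was done with root privileges.

echo
echo setuid test
echo

tmpscript=cron_neg01_test

# Fixed names in /tmp can be pre-created or symlinked by another local user,
# and the script written below is later executed by cron, so everything is
# kept in a private directory created by mktemp.
workdir=$(mktemp -d "/tmp/$tmpscript.XXXXXX")
if [ -z "$workdir" ] || [ ! -d "$workdir" ]; then
	echo "cannot create a private work directory (FAIL)"
	exit 1
fi
outfile="$workdir/$tmpscript.out"

# Keep a copy of the user's current crontab: it is overwritten below.
# savedcrontab is assigned here unconditionally so that a value inherited
# from the environment can never trigger the restore.
savedcrontab=0
if crontab -l > "$workdir/saved-crontab" 2>/dev/null; then
	savedcrontab=1
fi

# Put the user's crontab back (or remove the test one) and delete the work
# files. Installed as an EXIT trap so it also runs when the long sleep
# below is interrupted.
cron_neg_cleanup() {
	if [ "$savedcrontab" = "1" ]; then
		echo "Restoring crontab..."
		crontab "$workdir/saved-crontab"
	else
		crontab -r
	fi
	# Removes a leftover part 2 file when permissions allow it; an
	# unprivileged user normally cannot, and the error is ignored.
	rm -f "/$tmpscript.out" >/dev/null 2>&1
	rm -rf -- "${workdir:?}"
}
trap cron_neg_cleanup EXIT
trap 'exit 1' HUP INT TERM

# The delimiter is quoted so that $? is written literally and evaluated when
# cron runs the script. Unquoted, it would be expanded while this file is
# being generated and the script would print "res:0" whatever happens.
cat > "$workdir/$tmpscript" << 'EOF'
#!/bin/sh
touch /root/halloichwarhier
sleep 1
cat /root/halloichwarhier ; echo "res:$?"
rm /root/halloichwarhier
EOF

chmod 755 "$workdir/$tmpscript"

# Schedule both jobs two minutes from now (minute field wraps at 60).
cronline=$(date '+%M' | awk '{print ($1+2)%60 " * * * * "}')
{
	echo "$cronline $workdir/$tmpscript >> $outfile 2>> $outfile"
	echo "$cronline $workdir/$tmpscript >> /$tmpscript.out 2>> /$tmpscript.out"
} | crontab -

echo "sleeping 130 secs..."
sleep 130

echo
echo "Results:"

# Part 1: the job must have run, and its read of /root must have failed.
if grep -q '^res:0$' "$outfile" 2>/dev/null; then
	echo "cron executed scripts have root privileges! (FAIL)"
	finalrc=1
elif grep -q '^res:' "$outfile" 2>/dev/null; then
	echo "setuid test part 1 successfully failed (PASS)"
else
	# No result line at all: cron never ran the job, so nothing was proven.
	echo "cron did not run the test job, setuid test part 1 is inconclusive (FAIL)"
	finalrc=1
fi

# Part 2: output must have reached the user's own file, and the file under /
# must not exist. A stale /$tmpscript.out from an earlier run also fails
# this check until someone with the needed rights removes it.
if [ -e "$outfile" ] && [ ! -e "/$tmpscript.out" ]; then
	echo "setuid test part 2 successfully failed (PASS)"
else
	echo "cron writes script output with root privileges! (FAIL)"
	finalrc=1
fi
echo

# Crontab restore and file cleanup happen in the EXIT trap.
exit "${finalrc:-0}"
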