#!/bin/bash
# Run this script from your bash profile to audit PATH entries and check for potential PATH interceptions.
# This isn't perfect, but it's better than nothing. See here for a full discussion:
# http://modelephant.net/?p=95
# N.B. All paths to external binaries are full paths to the macOS ones and are protected by SIP.
# This protects against PATH interception in this script.
# set -x
#######################################
# Debug channel, currently silent: the script only speaks on findings.
# Re-enable the printf below to trace every file and PATH entry visited.
# Arguments: $1 - message (ignored while silent)
# Returns:   status of the last command run before the call (no-op body)
#######################################
log() {
  # /usr/bin/printf '%s\n' "$1"
  return
}
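#######################################
# Print a red diagnostic to stderr.
# The message is passed as a printf *argument*, never as the format string:
# PATH entries are exactly the attacker-influenced data this script audits,
# and a directory name containing '%' or '\' must not be able to change what
# is printed or be interpreted as a printf directive.
# Arguments: $1 - message text
# Outputs:   the message, ANSI-coloured, on stderr (no trailing newline)
#######################################
error() {
  /usr/bin/printf '\033[1;31m %s \033[0m' "$1" >&2
}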
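#######################################
# Audit one path: it must not be writable by the current user and must be
# owned by root. Both checks are delegated; the argument is quoted so an
# entry containing spaces or glob characters reaches them intact.
# Arguments: $1 - file or directory to audit
#######################################
check_file() {
  check_permissions "$1"
  check_owner "$1"
}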
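#######################################
# Report a path that the current user can write to.
# Arguments: $1 - file or directory to audit
# Outputs:   error on stderr when the path is writable; silent log otherwise
# Returns:   0 (a missing path is skipped, since unset profile files are normal)
#######################################
check_permissions() {
  local target=$1
  if [[ ! -f $target && ! -d $target ]]; then
    log "File or directory $target doesn't exist"
    return
  fi
  # -w answers only for the *current* user; group/other write bits are not
  # inspected here, so a path writable by some other non-root account passes.
  if [[ -w $target ]]; then
    error "$target is writable by current user"
  else
    log "Profile $target has good permissions"
  fi
}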
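#######################################
# Report a path that is not owned by root.
# Directories are audited as well as regular files: every PATH entry is a
# directory, and a non-root owner there can replace any binary in it.
# Arguments: $1 - file or directory to audit
# Outputs:   error on stderr when the owner is not root; silent log otherwise
# Returns:   0, or stat's status when the owner cannot be read
#######################################
check_owner() {
  local target=$1
  local owner
  if [[ ! -f $target && ! -d $target ]]; then
    log "File or directory $target doesn't exist"
    return
  fi
  # macOS/BSD stat: %Su is the owner's user name.
  owner=$(/usr/bin/stat -f "%Su" "$target") || return
  # String comparison is required: -ne is arithmetic, and user names
  # evaluate to 0 in arithmetic context, so a mismatch would never be seen.
  if [[ $owner != "root" ]]; then
    error "$target is owned by $owner instead of root"
  else
    log "Profile $target has the correct owner"
  fi
}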
# Check profiles are owned by root and not writable by the current user. The root part matters because
# a malicious process could delete a file owned by root, rewrite it, then mark it not writable. It
# would then be owned by the current user.
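check_file /etc/profile
check_file ~/.bash_profile
check_file ~/.bash_login
check_file ~/.profile
# Interactive non-login shells read ~/.bashrc, and ~/.bash_profile commonly
# sources it, so it sits inside the same trust boundary as the files above.
# A missing file is skipped by check_file.
check_file ~/.bashrc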
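# Check all PATH entries are also owned by root and unwritable.
# IFS is left untouched: this script is sourced from a profile, so changing
# or exporting IFS would persist in the interactive shell and every child
# process it starts. Entries are peeled off with parameter expansion instead.
# Relative entries (including the empty entry produced by "::" or a trailing
# ":") are resolved against the current directory and are reported rather
# than permission-checked, since their target changes with every cd.
rest="$PATH:"
while [[ -n $rest ]]; do
  path=${rest%%:*}
  rest=${rest#*:}
  if [[ $path != /* ]]; then
    error "PATH entry '$path' is not absolute (resolved relative to the current directory)"
  else
    check_file "$path"
  fi
done
unset rest path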
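# Terminal.app can be configured to launch a shell other than the login shell;
# confirm that setting still names /bin/bash. The extracted value is read from
# stdout (-o -) so no temporary file is created or left behind, and grep -F
# matches the tag literally. Still cheap and dirty; a plist parser would be
# more robust.
# NOTE(review): presumably plutil fails when the Shell key is absent, which
# this reports as a wrong shell — confirm that is the intended signal.
if ! /usr/bin/plutil -extract Shell xml1 -o - ~/Library/Preferences/com.apple.Terminal.plist \
  | /usr/bin/grep -q -F "<string>/bin/bash</string>"; then
  error "Wrong shell configured!"
fi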