Advertencia de WHM sobre permisos no válidos en /etc/shadow, "Esperado: 3377602730, Real: 0644"

Question

Mirando la fuente. Intente establecer permisos 0200 o 0600.

sub _check_for_unsafe_permissions {
my ($self) = @_;

my %test_files = (
    '/etc/shadow' => { 'perms' => [ 0200, 0600 ], 'uid' => 0, 'gid' => 0 },
    '/etc/passwd' => { 'perms' => [0644], 'uid' => 0, 'gid' => 0 }
);

for my $file ( keys %test_files ) {
    my $expected_attributes = $test_files{$file};
    my ( $current_mode, $uid, $gid ) = ( stat($file) )[ 2, 4, 5 ];
    my $perms_ok = 0;
    foreach my $allowed_perms ( @{ $expected_attributes->{'perms'} } ) {
        if ( ( $allowed_perms & 07777 ) == ( $current_mode & 07777 ) ) {
            $perms_ok = 1;
            last;
        }
    }
    if ( !$perms_ok ) {
        my $expected_mode = sprintf( "%04o", $expected_attributes->{'perms'} );
        my $actual_mode   = sprintf( "%04o", $current_mode & 07777 );
        $self->add_warn_advice(
            'text'       => ["$file has non default permissions.  Expected: $expected_mode, Actual: $actual_mode."],
            'suggestion' => ["Review the permissions on $file to ensure they are safe"]
        );
    }

    if ( $uid != $expected_attributes->{'uid'} or $gid != $expected_attributes->{'gid'} ) {
        $self->add_warn_advice(
            'text'       => ["$file has non root user and/or group"],
            'suggestion' => ["Review the ownership permissions

La salida del permiso esperada debe ser un valor con formato octal de 4 caracteres, pero parece que la función sprint de Perl muestra incorrectamente el valor de la matriz multidimensional que muestra basura.

Fuente (El Asesor de Seguridad se encuentra dentro del Centro de Seguridad de WHM - Cpanel) https://github.com/bdraco/addon_securityadvisor https://github.com/bdraco/addon_securityadvisor/blob/master/pkg/Cpanel/Security/Advisor/Assessors/Permissions.pm

Answer 1

Mirando la fuente. Intente establecer permisos 0200 o 0600.

sub _check_for_unsafe_permissions {
my ($self) = @_;

my %test_files = (
    '/etc/shadow' => { 'perms' => [ 0200, 0600 ], 'uid' => 0, 'gid' => 0 },
    '/etc/passwd' => { 'perms' => [0644], 'uid' => 0, 'gid' => 0 }
);

for my $file ( keys %test_files ) {
    my $expected_attributes = $test_files{$file};
    my ( $current_mode, $uid, $gid ) = ( stat($file) )[ 2, 4, 5 ];
    my $perms_ok = 0;
    foreach my $allowed_perms ( @{ $expected_attributes->{'perms'} } ) {
        if ( ( $allowed_perms & 07777 ) == ( $current_mode & 07777 ) ) {
            $perms_ok = 1;
            last;
        }
    }
    if ( !$perms_ok ) {
        my $expected_mode = sprintf( "%04o", $expected_attributes->{'perms'} );
        my $actual_mode   = sprintf( "%04o", $current_mode & 07777 );
        $self->add_warn_advice(
            'text'       => ["$file has non default permissions.  Expected: $expected_mode, Actual: $actual_mode."],
            'suggestion' => ["Review the permissions on $file to ensure they are safe"]
        );
    }

    if ( $uid != $expected_attributes->{'uid'} or $gid != $expected_attributes->{'gid'} ) {
        $self->add_warn_advice(
            'text'       => ["$file has non root user and/or group"],
            'suggestion' => ["Review the ownership permissions

La salida del permiso esperada debe ser un valor con formato octal de 4 caracteres, pero parece que la función sprint de Perl muestra incorrectamente el valor de la matriz multidimensional que muestra basura.

Fuente (El Asesor de Seguridad se encuentra dentro del Centro de Seguridad de WHM - Cpanel) https://github.com/bdraco/addon_securityadvisor https://github.com/bdraco/addon_securityadvisor/blob/master/pkg/Cpanel/Security/Advisor/Assessors/Permissions.pm

Advertencia de WHM sobre permisos no válidos en /etc/shadow, "Esperado: 3377602730, Real: 0644"

Respuesta1

información relacionada