a

ATAPAuditor/Helpers/ShellScripts/common/7.1.11.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+#####  NOT TESTED PROPERLY, THIS SCRIPT COULD BE CHANGED IN THE FUTURE #####
+smask="01000"
+
+ignored_paths=(
+	"/run/user/*"
+	"/proc/*"
+	"*/containerd/*"
+	"*/kubelet/pods/*"
+	"/sys/*"
+	"/snap/*"
+)
+
+while read -r path; do
+	ignored_paths+=("$path/*")
+done < <(findmnt -Dkerno fstype,target | awk '$1 ~ /^(nfs|proc|smb|vfat)$/ {print $2}')
+
+world_writable_files=$(find / \( ! -path "${ignored_paths[0]}" $(printf " -a ! -path %s" "${ignored_paths[@]:1}") \) \
+	-type f -perm -0002 2>/dev/null)
+
+world_writable_dirs=$(find / -type d -perm -0002 ! -perm -$smask $(printf " -a ! -path '%s' " "${ignored_paths[@]}") 2>/dev/null)
+
+if [ -n "$world_writable_files" ]; then
+	exit 1
+fi
+
+if [ -n "$world_writable_dirs" ]; then
+	exit 1
+fi
+
+exit 0