Add a check for executables in /tmp

Yaknow, case we get owned
Salt 2022-04-27 17:25:04 -05:00
parent 2d6a52f439
commit 815044fca0

32
check_executables_in_tmp Executable file

@ -0,0 +1,32 @@
#! /bin/sh
#
# check_executables_in_tmpdir
# Check a directory for executables and become angry if we find them
#
# Copyright (C) 2022 Jacob Babor <jacob@babor.tech>
#
# Distributed under terms of the MIT license.
#
set -e
tmpdir="/tmp"
# Compile a list of executables found in /tmp
executables=""
find "$tmpdir" -type f -executable 2>/dev/null | while read line; do
if [ -z "$executables" ]; then
executables="$line"
else
executables="$executables, $line"
fi
done
# If we found any, become angry
if [ -n "$executables" ]; then
echo "CRITICAL: Found executables in $tmpdir: $executables"
exit 2
else
echo "OK: No executables in $tmpdir"
exit 0
fi
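Review bot: The CRITICAL branch is effectively unreachable: in `find ... | while read line`, the common /bin/sh implementations (dash, bash, busybox ash) run the loop in a subshell, so every assignment to `executables` is discarded when the pipeline ends and the later `[ -n "$executables" ]` test only sees the empty string set before the loop. Collect the find output in the current shell instead (command substitution, then a here-document feeding the loop), and read with `IFS= read -r` so names containing backslashes or leading spaces are reported unchanged. Separately, `2>/dev/null` hides any directory find could not read, so an unreadable subdirectory under /tmp is a silent blind spot when the check does not run as root. `-executable` is a GNU find extension, which deserves a comment under a `#! /bin/sh` shebang.

```shell
tmpdir="/tmp"
# Run find in a command substitution so the result lives in this shell;
# a `| while` loop would build the list in a subshell and lose it.
# `|| true` keeps the original best-effort behaviour under `set -e`
# when find exits non-zero on an unreadable directory.
found=$(find "$tmpdir" -type f -executable 2>/dev/null) || true
executables=""
while IFS= read -r line; do
  [ -n "$line" ] || continue
  executables="${executables:+$executables, }$line"
done <<EOF
$found
EOF
# … unchanged: CRITICAL / OK reporting and exit codes …
```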