From edf1588c27d93478a40d8f86afe81f3a6db3f690 Mon Sep 17 00:00:00 2001
From: Jacob Babor <jacob@babor.tech>
Date: Wed, 27 Apr 2022 17:39:20 -0500
Subject: [PATCH] Fix a myriad of issues with that last script

---
 check_executables_in_tmp | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/check_executables_in_tmp b/check_executables_in_tmp
index 90db240..c4c7796 100755
--- a/check_executables_in_tmp
+++ b/check_executables_in_tmp
@@ -1,4 +1,4 @@
-#! /bin/sh
+#! /bin/bash
 #
 # check_executables_in_tmpdir
 # Check a directory for executables and become angry if we find them
@@ -12,15 +12,24 @@ set -e
 
 tmpdir="/tmp"
 
+#
 # Compile a list of executables found in /tmp
+#
+# Note that we deliberately use the -perm flag instead of the -executable flag
+#
+# This is by design, as -executable will fail on systems with noexec on the
+# filesystem we're checking. This runs counter to our goal here, which is just
+# to see if some skid has dumped a cryptominer on the machine.
+#
 executables=""
-find "$tmpdir" -type f -executable 2>/dev/null | while read line; do
+while read line; do
 	if [ -z "$executables" ]; then
 		executables="$line"
 	else
 		executables="$executables, $line"
 	fi
-done
+done < <(find "$tmpdir" -type f -perm /u=x,g=x,o=x 2>/dev/null || true )
+
 
 # If we found any, become angry
 if [ -n "$executables" ]; then
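Review bot: The new loop at `while read line; do` reads file names from a world-writable directory without `-r` or `IFS=`, so backslashes and leading or trailing whitespace in a name are altered before they reach the alert text; `while IFS= read -r line; do` keeps them intact. A name containing a newline would still split into several entries, so the resulting list is best treated as untrusted display text by whatever consumes the alert. On the `find` line, `2>/dev/null` discards permission errors, so a subdirectory the check's user cannot read is skipped silently and the result looks clean; if this check runs unprivileged, consider keeping stderr and reporting an unknown state rather than OK. The `|| true` looks redundant, since the exit status of a process substitution does not reach the script under `set -e`. The `if` block that consumes `$executables` continues outside the hunk.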