mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
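# Local audit template (nuclei "code" protocol). It runs a bash snippet on the
# host being audited and matches when /etc/cron.allow or /etc/cron.deny exists
# but is not owned by UID 0 with mode 640.
id: linux-cron-permissions-check

info:
  name: Cron Access File Ownership & Permissions
  author: songyaeji
  severity: high
  description: |
    /etc/cron.allow and /etc/cron.deny (if present) were required to be owned by root (UID 0) with strict 640 permissions. If neither file existed, only the root user could use cron, which was considered the safe default behavior.
  reference:
    - https://isms.kisa.or.kr
  tags: local,linux,audit,kisa,compliance

self-contained: true

code:
  - engine:
      - bash
    source: |
      # Accumulates one line per problem; empty means nothing to report.
      result=""

      # check_file PATH
      # Appends "[WARN] PATH misconfigured" to $result when PATH exists as a
      # regular file and its owner is not UID 0 or its mode is not 640.
      check_file() {
        file=$1

        # A missing file is not a finding here; the "neither file exists"
        # case is reported at the end of the script.
        [ -f "$file" ] || return 0

        # Read owner and mode in one call and check that the call worked.
        # Without this check a failing stat leaves both values empty, the
        # numeric tests below error out, and the script would go on to print
        # "[OK] cron files properly configured" for a file it never inspected.
        # stat is called without -L, so for a symlink it reports the link
        # itself rather than the target.
        if ! meta=$(stat -c '%u %a' "$file" 2>/dev/null); then
          result+="[ERROR] $file could not be inspected\n"
          return 0
        fi
        owner=${meta%% *}   # numeric UID
        perm=${meta##* }    # octal permission bits as printed by stat

        # NOTE(review): the mode test is an exact match, so a stricter mode
        # such as 600 is reported as well. Confirm whether the baseline means
        # "exactly 640" or "no more permissive than 640".
        if [ "$owner" -ne 0 ] || [ "$perm" -ne 640 ]; then
          result+="[WARN] $file misconfigured\n"
        fi
      }

      check_file /etc/cron.allow
      check_file /etc/cron.deny

      if [ -n "$result" ]; then
        echo -e "$result"
      else
        if [ ! -f /etc/cron.allow ] && [ ! -f /etc/cron.deny ]; then
          echo "[OK] no cron access files found (default safe behavior)"
        else
          echo "[OK] cron files properly configured"
        fi
      fi

    matchers:
      # Either string is enough to raise the finding. "[ERROR]" lines are
      # deliberately not matched: an uninspectable file is unknown, not
      # confirmed misconfigured.
      - type: word
        part: response
        words:
          - "[WARN] /etc/cron.allow misconfigured"
          - "[WARN] /etc/cron.deny misconfigured"
# NOTE: the digest below is the signature of the template as originally
# published. Any change to this file invalidates it, so the template has to be
# re-signed (nuclei -sign) before the signature can be trusted again. Code
# templates execute local commands, so do not run one whose signature fails.
# digest: 490a004630440220180a1385922d6792b7c466fde7a1f487c47fe0525a02e7adf73eea1cc50e8d100220684a7e5fd3ca7898c61cde73008a3725f8753709b7ea323a254b27a075c3ff1f:922c64590222798bb761d5b6d8e72950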