First working version.
authorPhilipp Spitzer <philipp@spitzer.priv.at>
Tue, 29 May 2012 18:58:37 +0000 (20:58 +0200)
committerPhilipp Spitzer <philipp@spitzer.priv.at>
Tue, 29 May 2012 18:58:37 +0000 (20:58 +0200)
findwwwritable.py [new file with mode: 0755]

diff --git a/findwwwritable.py b/findwwwritable.py
new file mode 100755 (executable)
index 0000000..346dc90
--- /dev/null
@@ -0,0 +1,39 @@
+#!/usr/bin/python
+import os
+import stat
+from os.path import join
+
+wwwdata_uid = 33
+wwwdata_gids = [33, 42, 121, 127]
+
+# collect bad files
+bad_dirs = [] # wwwdata has write permissions
+
+for root, dirs, files in os.walk('/home'):
+       for f in dirs:
+               fp = join(root, f) # fp is the dir with path
+               s = os.lstat(fp)
+               if (s.st_mode & stat.S_IFLNK) == stat.S_IFLNK: continue # skip symlinks
+               if s.st_uid == wwwdata_uid and (s.st_mode & stat.S_IWUSR) > 0:
+                       bad_dirs.append(fp)
+               elif s.st_gid in wwwdata_gids and (s.st_mode & stat.S_IWGRP) > 0:
+                       bad_dirs.append(fp)
+               elif (s.st_mode & stat.S_IWOTH) > 0:
+                       bad_dirs.append(fp)
+
+
+bad_dirs = sorted(bad_dirs)
+
+
+i = 0
+while i < len(bad_dirs)-1:
+       if bad_dirs[i+1].startswith(bad_dirs[i] + '/'):
+               del bad_dirs[i+1]
+       else:
+               i += 1
+
+
+for fp in bad_dirs:
+       print fp
+
+
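Review bot: A directory owned by uid 33 is not reported when its owner write bit is clear (the `s.st_uid == wwwdata_uid and (s.st_mode & stat.S_IWUSR) > 0` test), yet an owner can always chmod the directory back to writable, so the audit misses it. Testing ownership alone, `if s.st_uid == wwwdata_uid:`, closes that gap. The hard-coded `wwwdata_uid` and `wwwdata_gids` values are host-specific and will silently under-report once group membership changes, so consider resolving them by account name at start-up with `pwd.getpwnam` and `grp.getgrall`. The pruning loop relies on a plain string sort, where a sibling such as `a-b` sorts between `a` and `a/c`, so nested entries can survive; `bad_dirs.sort(key=lambda p: p.split('/'))` keeps each subtree contiguous. POSIX ACLs and `/home` itself are not examined, which deserves a comment at the top of the script so that an empty report is not read as proof of no write access.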