The whitelist is now taken from a file (/etc/findwwwritable/whitelist).
authorPhilipp Spitzer <philipp@spitzer.priv.at>
Tue, 29 May 2012 21:27:43 +0000 (23:27 +0200)
committerPhilipp Spitzer <philipp@spitzer.priv.at>
Tue, 29 May 2012 21:27:43 +0000 (23:27 +0200)
findwwwritable.py

index b525c3c..6ef15c1 100755 (executable)
@@ -56,6 +56,22 @@ def summarize_dirs(writable_dirs):
     return writable_dirs
 
 
+def read_whitelist(whitelist_filename):
+    """Reads the given whitelist (one directory name per line) and returns it as list.
+    Empty lines are omitted. Lines beginning with # are omitted as well.
+    If the file does not exist, it returns an empty list."""
+    whitelist = []
+    try: file = open(whitelist_filename, 'r')
+    except IOError: return []
+    for line in file:
+        line = line.strip()
+        if len(line) == 0: continue
+        if line[0] == '#': continue
+        whitelist.append(line)
+    file.close()
+    return sorted(set(whitelist))
+
+
 def apply_whitelist(writable_dirs, whitelist):
     """Removes all directories that are contained in the list whitelist from the list writable_dirs.
     It returns the modified writable_dirs.
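Review bot: `except IOError: return []` in read_whitelist treats every open failure as a missing file, although the docstring only promises an empty list when the file does not exist. A permission error or an unreadable path therefore yields an empty whitelist with no signal to the operator; the report just gets noisier and nobody learns that the whitelist was not applied. Consider `except IOError as e:` followed by `if e.errno != errno.ENOENT: raise` (this needs `errno` imported; the import block is not visible here). Separately, `file.close()` only runs on the normal path and the name `file` shadows a builtin; `with open(whitelist_filename, 'r') as f:` would close the handle on errors too.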
@@ -73,7 +89,11 @@ if __name__ == '__main__':
     uids = [33]                # user ids of the user whos write permissions should be found
     gids = [33, 42, 121, 127]  # group ids of the user whos write permissions should be found
     rootdir = '/home'          # directory where the seach is started
-    whitelist = []             # list of directories that are known to be writable and that should not be reported.
+    whitelist_filename = '/etc/findwwwritable/whitelist' # list of directories that are known to be writable
+                                                         # and that should not be reported.
+
+    # read whitelist
+    whitelist = read_whitelist(whitelist_filename)
 
     # collect and summarize writable directories
     writable_dirs = collect_writable_dirs(rootdir, uids, gids)
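Review bot: The entries read from `whitelist_filename` suppress findings, yet nothing at this call site checks who is able to modify `/etc/findwwwritable/whitelist`. If the file or its directory were writable by one of the audited ids (`uids = [33]` or the listed gids), directories could be dropped from the report without anyone noticing. I would stat the file before `read_whitelist(whitelist_filename)` and refuse to use it unless it is root-owned and not group- or world-writable, e.g. `st = os.stat(whitelist_filename)` and `if st.st_uid != 0 or st.st_mode & 0o022:` followed by an error exit (assuming `os` is imported; the imports are not shown). It is also worth a comment stating that whitelist entries are expected to be absolute paths, since how `apply_whitelist` matches them is outside this hunk. The `__main__` block starts and continues outside the hunk.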