#!/usr/bin/env python3
from os import stat
from os.path import isfile
from audit.system.plugins.grub import grub
class Grub:
def __init__(self, arguments):
self._object = grub()
self._reports = dict()
# Create the report
self._constructReports()
def runAudit(self):
print("Running test for Grub")
self._analyzingGrub()
def getReports(self) -> dict:
return self._reports
def _analyzingGrub(self):
# Check if the file exist
path = self._object['filename']
try:
if isfile(path):
permission = self._check_permission(path)
if permission != oct(self._object['value']):
self._reports['result'] = 'failed'
self._reports['resolve'] = self._object['resolve']
else:
self._reports['result'] = 'success'
self._reports['description'] = self._object['description']
self._reports['level'] = self._object['level']
self._reports['current_value'] = permission[2:]
except FileNotFoundError:
self._reports['grub']['error'] = \
f'File {path} not found'
def _check_permission(self, path) -> oct:
"""
In this function, we get the permission of the file
"""
permission = stat(path).st_mode
octal = 0o000
# Check user permission
if permission & 0o400: # Read
octal += 0o400
if permission & 0o200: # Write
octal += 0o200
if permission & 0o100: # Execute
octal += 0o100
# Check group permission
if permission & 0o040:
octal += 0o040
if permission & 0o020:
octal += 0o020
if permission & 0o010:
octal += 0o010
# Check other permission
if permission & 0o004:
octal += 0o004
if permission & 0o002:
octal += 0o002
if permission & 0o001:
octal += 0o001
return oct(octal)
def _constructReports(self):
"""
Construct dictionary for result of the tests
Each entry contains:
Key:
- filename: filename of the test
- line: line of the test
- parse: Display the line where the vulnerabilites has been found
- description: description of the vulnerability
- level: high, medium or low
"""
self._reports = dict()
self._reports['filename'] = self._object['filename']