Add case for global exec #570

tonybaloney · 2020-01-31T04:36:55Z

Updates the general_bad_file_permissions plugin to give:

Medium if group writable or executable
High if global writable or executable

Closes #569

…ch updates the docs)

…ngs given.

lukehinds · 2020-03-06T11:50:15Z

hey @tonybaloney

we also need to add the new stat values you added into the example file bandit/examples/os-chmod-py3.py

for example..

>> Issue: [B103:set_bad_file_permissions] Chmod setting a permissive mask 0o777 on file (/etc/hosts).
   Severity: High   Confidence: High
   Location: /home/luke/repos/bandit/examples/os-chmod-py3.py:14
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b103_set_bad_file_permissions.html
14	os.chmod('/etc/hosts', 0o777)

tonybaloney · 2020-06-02T12:53:43Z

@lukehinds sorry I fell asleep on this one! Updated

ericwb · 2022-03-29T02:04:50Z

@tonybaloney I approved, wanna rebase and resolve the conflicts.

tests/functional/test_functional.py

examples/os-chmod-py2.py

Add case for global exec

15c710f

tonybaloney mentioned this pull request Feb 26, 2020

general_bad_file_permissions permits most dangerous flag #569

Closed

tonybaloney and others added 3 commits February 27, 2020 08:45

Include group writable in medium permissions and update comments (whi…

f1e96f3

…ch updates the docs)

Update test assertions since there will be more medium and high warni…

b1ae81b

…ngs given.

Add some extra examples

5b9f3c3

tonybaloney added 3 commits June 2, 2020 14:32

Merge branch 'master' into perms

4c24aed

Update tests and baseline

b990a18

Refactor stat check

eb39bb1

ericwb approved these changes Mar 29, 2022

View reviewed changes

ericwb reviewed Jul 8, 2022

View reviewed changes

tests/functional/test_functional.py Outdated Show resolved Hide resolved

Update tests/functional/test_functional.py

c10769e

ericwb requested review from lukehinds and sigmavirus24 as code owners July 8, 2022 19:37

ericwb reviewed Jul 8, 2022

View reviewed changes

examples/os-chmod-py2.py Outdated Show resolved Hide resolved

ericwb added 8 commits July 8, 2022 12:55

Update examples/os-chmod-py2.py

e6fc991

Update os-chmod-py2.py

135ad93

Update test_functional.py

4180da3

Update os-chmod-py3.py

4401239

Update os-chmod-py3.py

d219c18

Merge branch 'main' into perms

f62786f

Update os-chmod.py

14e5dcc

Update general_bad_file_permissions.py

f28d4a4

ericwb merged commit 5809d1b into PyCQA:main Jul 8, 2022

tonybaloney deleted the perms branch July 8, 2022 21:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add case for global exec #570

Add case for global exec #570

tonybaloney commented Jan 31, 2020 •

edited by ericwb

lukehinds commented Mar 6, 2020 •

edited

tonybaloney commented Jun 2, 2020

ericwb commented Mar 29, 2022

Add case for global exec #570

Add case for global exec #570

Conversation

tonybaloney commented Jan 31, 2020 • edited by ericwb

lukehinds commented Mar 6, 2020 • edited

tonybaloney commented Jun 2, 2020

ericwb commented Mar 29, 2022

tonybaloney commented Jan 31, 2020 •

edited by ericwb

lukehinds commented Mar 6, 2020 •

edited