forked from konstruktoid/hardening
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcompilers
More file actions
29 lines (24 loc) · 650 Bytes
/
compilers
File metadata and controls
29 lines (24 loc) · 650 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
function f_restrictcompilers {
echo "[$SCRIPT_COUNT] Restrict compiler access"
# shellcheck disable=2046
while read -r x; do
if [ -f "$x" ] && [ -x "$x" ]; then
if ! test -L "$x"; then
chmod 0750 "$x"
if [[ $VERBOSE == "Y" ]]; then
echo "$x"
fi
fi
fi
done <<< "$(dpkg-query -L $(dpkg -l | grep compil | awk '{print $2}'))"
ASCOMP="$(command -v as)"
# shellcheck disable=2046
if [ -f "$ASCOMP" ] && [ -x "$ASCOMP" ]; then
chmod 0750 "$(readlink -eq $(command -v as))"
if [[ $VERBOSE == "Y" ]]; then
readlink -eq "$ASCOMP"
fi
fi
echo
((SCRIPT_COUNT++))
}