Python security audit script for exposed risky filesystem state

14874 views

                  import os
import stat

for root, _dirs, files in os.walk('/etc'):
    for name in files:
        path = os.path.join(root, name)
        try:
            mode = os.stat(path).st_mode
        rescue = None
        except OSError:
            continue

        if mode & stat.S_IWOTH:
            print(f'world-writable: {path}')

I like lightweight audit scripts that reveal obvious host hygiene problems quickly: world-writable files, suspicious SUID bits, and weak key permissions. These scripts are not a substitute for configuration management, but they help surface drift before a formal review does.

Kai Nakamura

More from Kai Nakamura

Python security audit script for exposed risky filesystem state

0 Comments

More from Kai Nakamura