Securix monitor: verify ET_DYN ELF format on all running processes

martinholovsky / Securix-Linux

Securix Main repository including installer and controll scripts

https://www.securix.org

GNU General Public License v3.0

14 stars 8 forks source link

Securix monitor: verify ET_DYN ELF format on all running processes #70

Open martinholovsky opened 9 years ago

martinholovsky commented 9 years ago

Hourly cron

idea (dirty code):

LIST="$(find -L /proc/*/exe -xtype l -exec test -e {} \; -print)"
# waiting on temp processes to end
sleep 1
# verify existence of files and ELF format
for elfformat in ${LIST}; do
    if [[ "$(file ${elfformat})" == "*ELF*" ]]; then
        if [[ "$(readelf -h ${elfformat} | grep "Type")" != "*DYN*" ]]; then
            echo "ELF file which is not in ET_DYN ELF format - ${elfformat}" >> ${SECURIXVAR}/elf-format.warn
        fi
    fi
done