Set sticky bits

5c79c584 · Bob Mottram · 3f58fc17 · 5c79c584
Commit 5c79c584 authored 8 years ago by Bob Mottram
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -416,6 +416,14 @@ function remove_serial_logins {
    fi
 }

+function set_sticky_bits {
+    world_writable=$(find / -xdev -type d -perm -002 \! -perm -1000)
+    for w in $world_writable; do
+        echo "Setting sticky bit on $w"
+        chmod +t $w
+    done
+}
+
 function lockdown_permissions {
    if [ -d /bin ]; then
        chown root:root /bin/*
@@ -466,6 +474,8 @@ function lockdown_permissions {
    if [ -f /usr/sbin/exim4 ]; then
        chmod u+s /usr/sbin/exim4
    fi
+
+    set_sticky_bits
 }

 function disable_core_dumps {