From 5c79c584fcd064470cad735a348ba86be513f8b2 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Wed, 30 Nov 2016 13:40:17 +0000
Subject: [PATCH] Set sticky bits

---
 src/freedombone-utils-setup | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 186069013..7d505d2ef 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -416,6 +416,14 @@ function remove_serial_logins {
     fi
 }
 
+function set_sticky_bits {
+    world_writable=$(find / -xdev -type d -perm -002 \! -perm -1000)
+    for w in $world_writable; do
+        echo "Setting sticky bit on $w"
+        chmod +t $w
+    done
+}
+
 function lockdown_permissions {
     if [ -d /bin ]; then
         chown root:root /bin/*
@@ -466,6 +474,8 @@ function lockdown_permissions {
     if [ -f /usr/sbin/exim4 ]; then
         chmod u+s /usr/sbin/exim4
     fi
+
+    set_sticky_bits
 }
 
 function disable_core_dumps {
-- 
GitLab