Closed Bug 1014739 Opened 11 years ago Closed 11 years ago

[mig modules] add wildcard support for path lookup in filechecker module

Categories

(Enterprise Information Security Graveyard :: MIG, task)

x86_64
Linux
task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: jvehent, Assigned: jvehent)

References

Details

This block of code selects which checks are activated on a given path https://github.com/mozilla/mig/blob/master/src/mig/modules/filechecker/filechecker.go#L333-L345 We could extract this function, and make it smarter to understand wildcards. For example, if a given check has a path such as `/etc/cron*`, then `/etc/cron` can be used in a substring evaluation of the current path: strings.Contains("/etc/cron.d/daily", "/etc/cron") However, that approach wouldn't work for more complex patterns, such as `/etc/yum.repos.d/*.repo`.
Assignee: nobody → jvehent
I have a prototype that works standalone, using the filepath.Match function of the standard lib. https://github.com/jvehent/go-toybox/blob/master/filepath_match.go Now I need to integrate that in the filechecker module.
Added in: [medium] add pattern matching for path in filechecker https://github.com/mozilla/mig/commit/7aab0028ae8c9281716db9a8af9ba1edd41c262d [medium] fix and improve pattern matching in filechecker https://github.com/mozilla/mig/commit/27ec9e2f16b3bcde3883a9822137a823d6ecc2b8
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Component: Operations Security (OpSec): General → Operations Security (OpSec): MIG
Component: Operations Security (OpSec): MIG → MIG
Product: mozilla.org → Enterprise Information Security
Product: Enterprise Information Security → Enterprise Information Security Graveyard
You need to log in before you can comment on or make changes to this bug.