rule1303: Control group protection. Ignore files owned by [1,*]

a859d1226501 · jfp · 016fb3302660 · a859d122
Commit a859d1226501 authored 2 years ago by jfp
--- a/secrules/rules13.py
+++ b/secrules/rules13.py
@@ -66,7 +66,10 @@
    all_users = user.all_users()
    it = (
        itemList.itemList(
-            code=ossdef.OSS__PROTECTION, dtype=itemList.il_unsignedWord
+            code=ossdef.OSS__PROTECTION, dtype=itemList.il_unsignedWord,
+        ),
+        itemList.itemList(
+            code=ossdef.OSS__OWNER, dtype=itemList.il_unsignedLong,
        ),
    )
    for u in list(all_users.values()):
@@ -81,6 +84,12 @@
                        retsec = starlet.get_security(
                            objnam=f, clsnam='FILE', itmlst=it
                        )
+                        own: int = retsec[2][
+                            ossdef.OSS__OWNER
+                        ]   # type: ignore
+                        # Ignore file owned by [1,*]
+                        if int(own / 65536) == 1:
+                            continue
                        prot: int = retsec[2][
                            ossdef.OSS__PROTECTION
                        ]   # type: ignore