#!/bin/sh

ROOT_UID=0      # Only users with $UID 0 have root privileges.
E_NOTROOT=67    # Non-root exit error.

# Run as root, of course.
if [ "$UID" -ne "$ROOT_UID" ]; then
  echo "Must be root to run this script."
  exit $E_NOTROOT
fi

# For each human user USER of the system, view the permissions of all dot-files in the user’s home directory:
#  ls -ld /home/USER/.[A-Za-z0-9]*
# Ensure that none of these files are group- or world-writable. Correct each misconfigured file FILE by exe-
# cuting:
#  chmod go-w /home/USER/FILE
# A user who can modify another user’s configuration files can likely execute commands with the other user’s
# privileges, including stealing data, destroying files, or launching further attacks on the system.

ls -ld /home/*/.[A-Za-z0-9]* | (cat <<EOF
This is an automated report of $0 on the server `hostname -s`.

ls -ld /home/*/.[A-Za-z0-9]*
EOF
cat
) | /bin/mail -s "[Ensure that User Dot-Files are not World-Writable]" root