github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/terraform/parser/resolvers/writable.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/terraform/parser/resolvers/writable.go (about)

     1  //go:build !windows
     2  // +build !windows
     3  
     4  package resolvers
     5  
     6  import (
     7  	"os"
     8  	"syscall"
     9  )
    10  
    11  func isWritable(path string) bool {
    12  	info, err := os.Stat(path)
    13  	if err != nil {
    14  		return false
    15  	}
    16  
    17  	if !info.IsDir() {
    18  		return false
    19  	}
    20  
    21  	// Check if the user bit is enabled in file permission
    22  	if info.Mode().Perm()&(1<<(uint(7))) == 0 {
    23  		return false
    24  	}
    25  
    26  	var stat syscall.Stat_t
    27  	if err = syscall.Stat(path, &stat); err != nil {
    28  		return false
    29  	}
    30  
    31  	if uint32(os.Geteuid()) != stat.Uid {
    32  		return false
    33  	}
    34  
    35  	return true
    36  }