new security test in Validation, what the test does is:
- reads all the env vars in the WN account where the job runs.
- for each directory/file specified in any variable, and for each file inside any of those directories:
- the test checks if the file/dir has write privileges for the Other group (the --------X- bit).
- if the file/dir is in $PATH, it returns an ERROR
- if the file/dir is not in $PATH, it returns a WARNING
- if no 'w' privilege was found in any of the files/dirs, the test returns OK.
Validation instance of SAM portal is available here:
https://lcg-sam-val.cern.ch:8443/sam-val/sam.py