HEX

File: //usr/local/bin/check-permissions
#!/usr/bin/env bash

# This is the list of files that can not be read by a user which is not root
FILES=$(find / \! -path '/proc/*' \! -path '/sys/*' -user root -group root \! -perm /o+wrx  | sort | xargs )
EXPECTED="/etc/.pwd.lock /etc/logcheck/ignore.d.server/ssmtp /etc/security/opasswd /etc/ssl/private /root /var/cache/debconf/passwords.dat /var/cache/ldconfig /var/cache/ldconfig/aux-cache /var/lib/apt/lists/lock /var/lib/dpkg/lock-frontend /var/lib/dpkg/triggers/Lock"

if [[ $FILES != $EXPECTED ]]
then
    echo "Incorrect permissions:"
    echo "  Expected output: " $EXPECTED
    echo "  Actual   output: " $FILES
    exit 1
fi