This file is indexed.

/usr/bin/expect_cryptdir is in expect 5.45-7.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/bin/sh
# -*- tcl -*-
# The next line is executed by /bin/sh, but not tcl \
exec tclsh8.6 "$0" ${1+"$@"}

package require Expect


# Name: cryptdir
# Author: Don Libes, NIST
#
# Synopsis:
#	  cryptdir [dir]
#	decryptdir [dir]
#
# Encrypt or decrypts the current directory or named directory if given.

if {![file exists /usr/bin/crypt]} {
    puts "This example requires the mcrypt package."
    exit
}

if {[llength $argv] > 0} {
    cd $argv
}

# encrypt or decrypt?
set decrypt [regexp "decrypt" $argv0]

set timeout -1
stty -echo
send "Password:"
expect -re "(.*)\n"
send "\n"
set passwd $expect_out(1,string)

# Wouldn't want to encrypt/decrypt files with mistyped password!
send "Again:"
expect -re "(.*)\n"
send "\n"
if {![string match $passwd $expect_out(1,string)]} {
    send_user "mistyped password?\n"
    stty echo
    exit
}
stty echo

log_user 0
foreach f [glob *] {
    # strip shell metachars from filename to avoid problems
    if {[regsub -all {[]['`~<>:-]} $f "" newf]} {
	exec mv $f $newf
	set f $newf
    }

    set strcmp [string compare .crypt [file extension $f]]
    if {$decrypt} {
	# skip files that don't end with ".crypt"
	if {0!=$strcmp} continue
	spawn sh -c "exec crypt < $f > [file root $f]"
    } else {
	# skip files that already end with ".crypt"
	if {0==$strcmp} continue
	spawn sh -c "exec crypt < $f > $f.crypt"
    }
    expect "key:"
    send "$passwd\r"
    expect
    wait
    exec rm -f $f
    send_tty "."
}
send_tty "\n"