tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-28 00:04:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

[TIME-3104] search for files using find and strip potential characters that may be unexpected

Browse Source
This commit is contained in:
Michael Boelen 2020-04-01 16:16:31 +02:00
parent 8c501c7aa8
commit 7e3c9448df
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
include/tests_time
View File

@ -163,22 +163,28 @@
fi fi
done done
# Don't run check in cron job directory on Solaris # Notes: only test for normal files. File /etc/cron.d/FIFO on solaris is a special file and test may hang
# /etc/cron.d/FIFO is a special file and test get stuck at this file # Linux systems may have a .placeholder file
FOUND_IN_CRON=0 FOUND_IN_CRON=0
# Check cron jobs # Check cron jobs
for I in ${CRON_DIRS}; do for I in ${CRON_DIRS}; do
if [ -d ${I} ]; then if [ -d ${I} ]; then
if FileIsReadable ${I}; then if FileIsReadable ${I}; then
FIND=$(${LSBINARY} ${I} | ${GREPBINARY} -v FIFO) FIND=$(${FINDBINARY} ${I} -type f -a ! -name ".placeholder" -print 2> /dev/null | ${SEDBINARY} 's/ /__space__/g' | ${TRBINARY} '\n' '\0' | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} '\0' ' ')
if [ -n "${FIND}" ]; then if [ -n "${FIND}" ]; then
for J in ${FIND}; do for J in ${FIND}; do
LogText "Test: checking for ntpdate or rdate in ${I}/${J}" # Place back spaces if needed
FIND2=$(${EGREPBINARY} "rdate|ntpdate" ${I}/${J} | ${GREPBINARY} -v "^#") J=$(echo ${J} | ${SEDBINARY} 's/__space__/ /g')
if [ -n "${FIND2}" ]; then LogText "Test: checking for ntpdate or rdate in ${J}"
LogText "Positive match found: ${FIND2}" if FileIsReadable ${J}; then
FOUND=1; FOUND_IN_CRON=1; NTP_CONFIG_TYPE_SCHEDULED=1 FIND2=$(${EGREPBINARY} "rdate|ntpdate" "${J}" | ${GREPBINARY} -v "^#")
if [ -n "${FIND2}" ]; then
LogText "Positive match found: ${FIND2}"
FOUND=1; FOUND_IN_CRON=1; NTP_CONFIG_TYPE_SCHEDULED=1
fi
else
LogText "Result: could not test in file '${J}' as it is not readable"
fi fi
done done
else else