tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-27 15:54:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Additional checks for log and report file

Browse Source
This commit is contained in:
Michael Boelen 2017-11-25 16:37:28 +01:00
parent d569e9eb40
commit 8fde6723e2
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lynis
View File

@ -238,15 +238,21 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
if [ -z "${LOGFILE}" ]; then if [ -z "${LOGFILE}" ]; then
# Try creating a log file in temporary directory # Try creating a log file in temporary directory
if [ ! -f /tmp/lynis.log ]; then if [ ! -f /tmp/lynis.log ]; then
if [ -L /tmp/lynis.log ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
touch /tmp/lynis.log touch /tmp/lynis.log
if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
else else
LOGFILE="/tmp/lynis.log" LOGFILE="/tmp/lynis.log"
fi fi
else
if [ -L "${LOGFILE}" ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
fi fi
if [ -z "${REPORTFILE}" ]; then if [ -z "${REPORTFILE}" ]; then
touch /tmp/lynis-report.dat touch /tmp/lynis-report.dat
if [ -L /tmp/lynis-report.dat ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
if [ $? -eq 0 ]; then REPORTFILE="/tmp/lynis-report.dat"; else REPORTFILE="/dev/null"; fi if [ $? -eq 0 ]; then REPORTFILE="/tmp/lynis-report.dat"; else REPORTFILE="/dev/null"; fi
else
if [ -L "${REPORTFILE}" ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
fi fi
fi fi
# #