Fixed a typo

CHANGELOG.md

@@ -67,6 +67,7 @@ Using the relevant options, the scan will change base on the intended goal.
 - Profiles: message is displayed when old format "key:value" is used
 - Security: the 'nounset' (set -u) parameter is now activated by default
 - AUTH-9266 - skip .pam-old files in /etc/pam.d
+- AUTH-9282 - fix: temporary variable was overwritten
 - AUTH-9408 - added support for pam_tally2 to log failed logins
 - CONT-8106 - support newer 'docker info' output
 - CRYP-8002 - gather kernel entropy on Linux systems
@@ -2916,10 +2917,10 @@ Lynis 1.1.7 (2008-06-28)
  - Added dig availability check to DNS test [NETW-2704]
  - Bugfix: Fixed iptables test if the binary is not located in /sbin [FIRE-4512]
  - Bugfix: Improved yum-utils check to display suggestions correctly [PKGS-7384]
- - Bugfix: Fixed prequisits for grpck test [AUTH-9216]
+ - Bugfix: Fixed prerequisites for grpck test [AUTH-9216]
  - Improved MySQL check [DBS-1804]
  - Changed color at chkconfig boot services test [BOOT-5177]
- - Added missing prequisits output to portaudit test [PKGS-7382]
+ - Added missing prerequisites output to portaudit test [PKGS-7382]
  - Test output for FreeBSD mounts (UFS) improved [FILE-6329]
  - Extended OpenLDAP test to avoid finding itself in ps output [LDAP-2219]
  - Several tests have their warning reporting improved

include/binaries

@@ -65,10 +65,10 @@
             if [ ${FOUND} -eq 1 ]; then
                 # Stop execution if privileged, otherwise continue but warn user
                 if [ ${PRIVILEGED} -eq 1 ]; then
-                    ExitFatal "Possible riskful location (${SCANDIR}) in PATH discovered. Quitting..."
+                    ExitFatal "Suspicious location (${SCANDIR}) in PATH discovered. Quitting..."
                 else
                     Display --indent 4 --text "Warning: suspicious location (${SCANDIR}) in PATH"
-                    ReportWarning "${TEST_NO}" "Possible riskful location in PATH discovered" "text:${MSG}"
+                    ReportWarning "${TEST_NO}" "Suspicious location in PATH discovered" "text:${MSG}"
                     sleep 1
                 fi
             fi

include/functions

@@ -1418,7 +1418,7 @@
         if [ -e /proc/1/environ ]; then
             FIND=$(grep -qa 'container=lxc' ${ROOTDIR}proc/1/environ 2> /dev/null)
             if [ $? -eq 0 ]; then
-                LogText "Result: found LXC in environnement (/proc/1/environ), so we are running in LXC container"
+                LogText "Result: found LXC in environment (/proc/1/environ), so we are running in LXC container"
                 CONTAINER_TYPE="LXC"; FOUND=1
                 EXITCODE=0
             fi

include/profiles

@@ -196,7 +196,7 @@
                     OPTION_FREEBSD_SKIP_PORTAUDIT="${VALUE}"
                 ;;
 
-                # Lynis Enterprise: group name - deprecrated option
+                # Lynis Enterprise: group name - deprecated option
                 group)
                     GROUP_NAME="${VALUE}"
                     AddSetting "group" "${GROUP_NAME}" "Group"

include/tests_custom.template

@@ -109,7 +109,7 @@
 #################################################################################
 #
     # Test        : CUST-0040
-    # Description : Our second test, with a prequisite test
+    # Description : Our second test, with a prerequisite test
 
     # First check if OPENSSLBINARY is known as a prerequisite for this test
     # ! means "not". So if the binary is known, the prerequisite is matched. Otherwise we set it to NO and define a reason why we skipped this test

include/tests_databases

@@ -219,7 +219,7 @@
 #################################################################################
 #
     # Test        : DBS-1860
-    # Description : Checks if a DB2 instance is currently runnigng
+    # Description : Checks if a DB2 instance is currently running
     Register --test-no DBS-1860 --weight L --network NO --category security --description "Checking active DB2 instances"
     if [ ${SKIPTEST} -eq 0 ]; then
         if IsRunning db2sysc; then

include/tests_dns

@@ -35,7 +35,7 @@
 #################################################################################
 #
 #    # Test        : DNS-1600
-#    # Description : Validate DNSSEC signiture is checked
+#    # Description : Validate DNSSEC signature is checked
 #    Register --test-no DNS-1600 --weight L --network YES --category security --description "Validate DNSSEC igniture is checked"
 #    if [ "${SKIPTEST}" -eq 0 ]; then
 #        if [ -n "${DIGBINARY}" ]; then
@@ -54,7 +54,7 @@
 #            elif [ -n "${GOOD}" -a -n "${BAD}" ]; then
 #                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_SUGGESTION}" --color YELLOW
 #                LogText "Note: Using DNSSEC validation can protect from DNS hijacking"
-#                #ReportSuggestion "${TEST_NO}" "Altered DNS queries are accepted, configure DNSSEC valdating name servers"
+#                #ReportSuggestion "${TEST_NO}" "Altered DNS queries are accepted, configure DNSSEC validating name servers"
 #                AddHP 2 2
 #            elif [ -n "${GOOD}" -a -z "${BAD}" ]; then
 #                Display --indent 4 --text "- Checking DNSSEC validation" --result "${STATUS_OK}" --color GREEN

include/tests_hardening

@@ -20,7 +20,7 @@
 #
     InsertSection "Hardening"
 
-    # COMPILER_INSTALLED is initialised before
+    # COMPILER_INSTALLED is initialized before
     HARDEN_COMPILERS_NEEDED=0
 #
 #################################################################################

include/tests_homedirs

@@ -135,7 +135,7 @@
                 LogText "Info: above files could be redirected files to avoid logging and should be investigated"
                 ReportWarning ${TEST_NO} "Incorrect file type found for shell history file"
             fi
-            LogText "Remarks: History files are normally of the type 'file'. Symbolic links and other types can be riskful."
+            LogText "Remarks: History files are normally of the type 'file'. Symbolic links and other types are suspicious."
         else
             Display --indent 2 --text "- Checking shell history files" --result "${STATUS_SKIPPED}" --color WHITE
             LogText "Result: Homedirs is empty, test will be skipped"

include/tests_ldap

@@ -89,7 +89,7 @@
 #################################################################################
 #
     # Test        : LDAP-2240
-    # Description : Check OpenLDAP unencrypted RootDN password
+    # Description : Check OpenLDAP plaintext RootDN password
 #
 #################################################################################
 #

include/tests_nameservices

@@ -124,7 +124,7 @@
                     Report "resolv_conf_option[]=${ITEM}"
                     # TODO add suggestions for the related options
                     # rotate --> add performance tune point
-                    # timeout --> add performe tune point when smaller than 3 seconds
+                    # timeout --> add performance tune point when smaller than 3 seconds
                 done
                 Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "${STATUS_FOUND}" --color GREEN
             fi

include/tests_php

@@ -295,7 +295,7 @@
         FIND=$(${EGREPBINARY} -i 'allow_url_fopen.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
         if [ -z "${FIND}" ]; then
             Display --indent 4 --text "- Checking allow_url_fopen option" --result "${STATUS_ON}" --color YELLOW
-            LogText "Result: allow_url_fopen option is turned on, which can be used for riskful downloads via PHP"
+            LogText "Result: allow_url_fopen option is turned on, which can be used for downloads via PHP and is a security risk"
             ReportSuggestion ${TEST_NO} "Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP"
             AddHP 0 1
         else
@@ -318,7 +318,7 @@
         FIND=$(${EGREPBINARY} -i 'allow_url_include.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
         if [ -z "${FIND}" ]; then
             Display --indent 4 --text "- Checking allow_url_include option" --result "${STATUS_ON}" --color YELLOW
-            Report "Result: allow_url_include option is turned on, which can be used for riskful downloads via PHP"
+            Report "Result: allow_url_include option is turned on, which can be used for downloads via PHP and is a risk"
             ReportSuggestion ${TEST_NO} "Change the allow_url_include line to: allow_url_include = Off, to disable downloads via PHP"
             AddHP 0 1
         else

include/tests_ports_packages

@@ -650,7 +650,7 @@
                 LogText "Result: Cron job is not configured for debsums utility."
                 Display --indent 6 --text "- Cron job for debsums" --result "${STATUS_NOT_FOUND}" --color YELLOW
                 AddHP 1 3
-                ReportSuggestion "${TEST_NO}" "Check debsums configuration and enable checking regurlarly via a cron job."
+                ReportSuggestion "${TEST_NO}" "Check debsums configuration and enable checking regularly via a cron job."
             fi
         else
             LogText "Result: debsums utility is not installed."

include/tests_shells

@@ -109,12 +109,12 @@
         LogText "Test: Search for session timeout tools or settings in shell"
         if IsRunning "timeoutd"; then
             IDLE_TIMEOUT=1
-            LogText "Result: found timeoutd process to kill idle sesions"
+            LogText "Result: found timeoutd process to kill idle sessions"
             IDLE_TIMEOUT_METHOD="timeout-daemon"
         fi
         if IsRunning "autolog"; then
             IDLE_TIMEOUT=1
-            LogText "Result: found autolog process to kill idle sesions"
+            LogText "Result: found autolog process to kill idle sessions"
             Report="session_timeout_method[]=autolog"
             IDLE_TIMEOUT_METHOD="autolog"
         fi

include/tests_squid

@@ -222,7 +222,7 @@
 #################################################################################
 #
     # Test        : SQD-3624
-    # Description : Check unsecure ports in Safe_ports list
+    # Description : Check insecure ports in Safe_ports list
     if [ ${SQUID_DAEMON_RUNNING} -eq 1 -a ! "${SQUID_DAEMON_CONFIG}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
     Register --test-no SQD-3624 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check Squid safe ports"
     if [ ${SKIPTEST} -eq 0 ]; then

include/tests_time

@@ -108,7 +108,7 @@
                     LogText "Result: ${ROOTDIR}etc/systemd/timesyncd.conf does not exist"
                 fi
             else
-                LogText "Result: time sychronization not performed according timedatectl command"
+                LogText "Result: time synchronization not performed according timedatectl command"
             fi
         else
             LogText "Result: timedatectl command not available on this system"
@@ -223,7 +223,7 @@
         FIND=$(${TIMEDATECTL} status | ${EGREPBINARY} "(NTP|System clock) synchronized: yes")
         if [ -z "${FIND}" ]; then
             LogText "Result: time not synchronized via NTP"
-            ReportSuggestion "${TEST_NO}" "Check timedatectl output. Sychronization via NTP is enabled, but status reflects it is not synchronized"
+            ReportSuggestion "${TEST_NO}" "Check timedatectl output. Synchronization via NTP is enabled, but status reflects it is not synchronized"
         fi
     fi
 #

include/tests_virtualization

@@ -30,7 +30,6 @@
 #    # Description : Checking VMware
 #    Register --test-no VIRT-1920 --weight L --network NO --category security --description "Checking VMware guest status"
 #    if [ ${SKIPTEST} -eq 0 ]; then
-#        # Initialise
 #        VMWARE_GUEST=0
 #        Display --indent 2 --text "- Checking VMware guest status"
 #        # check memory driver file