tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Reinitialize temporary files to prevent possible symlink attack - CVE-2017-8108

This commit is contained in:
Michael Boelen 2017-05-03 09:47:35 +02:00
parent 67333bb09a
commit a9b67dc675
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/tests_webservers
View File

@ -358,8 +358,9 @@
if [ ${NGINX_RUNNING} -eq 1 -a ! -z "${NGINX_CONF_LOCATION}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no HTTP-6706 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for additional nginx configuration files"
if [ ${SKIPTEST} -eq 0 ]; then
# Remove temp file
if [ ! -z "${TMPFILE}" ]; then if [ -f ${TMPFILE} ]; then rm -f ${TMPFILE}; fi; fi
CreateTempFile || ExitFatal
TMPFILE="${TEMP_FILE}"
COUNT=0
${SEDBINARY} -e 's/^[ ]*//' ${NGINX_CONF_LOCATION} | ${GREPBINARY} -v "^#" | ${GREPBINARY} -v "^$" | ${SEDBINARY} 's/[ ]/ /g' | ${SEDBINARY} 's/ / /g' | ${SEDBINARY} 's/ / /g' >> ${TMPFILE}
# Search for included configuration files (may include directories and wild cards)