tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-29 16:54:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Double quote to prevent globbing and word splitting.SC2086 Info

Browse Source
This commit is contained in:
Marzal 2019-09-19 20:01:31 +02:00
parent 09a60783a6
commit ddd87371b5
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
include/functions
View File

@ -1532,12 +1532,12 @@
# Initialize users for strict mode # Initialize users for strict mode
if [ -n "${users:-}" ]; then if [ -n "${users:-}" ]; then
for u in ${users}; do for u in ${users}; do
user_uid=$(getent passwd ${u} 2> /dev/null | ${AWKBINARY} -F: '{print $3}') user_uid=$(getent passwd "${u}" 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
# Only perform search if user exists and we had no match yet # Only perform search if user exists and we had no match yet
if [ -n "${user_uid}" ]; then if [ -n "${user_uid}" ]; then
if [ -z "${FIND}" ]; then if [ -z "${FIND}" ]; then
LogText "Performing pgrep scan using uid ${user_uid}" LogText "Performing pgrep scan using uid ${user_uid}"
FIND=$(${PGREPBINARY} ${pgrep_options} -u ${user_uid} "${search}" | ${TRBINARY} '\n' ' ') FIND=$(${PGREPBINARY} ${pgrep_options} -u "${user_uid}" "${search}" | ${TRBINARY} '\n' ' ')
fi fi
fi fi
done done
@ -1546,7 +1546,7 @@
FIND=$(${PGREPBINARY} ${pgrep_options} "${search}" | ${TRBINARY} '\n' ' ') FIND=$(${PGREPBINARY} ${pgrep_options} "${search}" | ${TRBINARY} '\n' ' ')
fi fi
else else
if [ ${SHELL_IS_BUSYBOX} -eq 1 ]; then if [ "${SHELL_IS_BUSYBOX}" -eq 1 ]; then
# This search is not foolproof # This search is not foolproof
LogText "Performing simple ps scan (busybox)" LogText "Performing simple ps scan (busybox)"
PSOPTIONS=" -o args=" PSOPTIONS=" -o args="
@ -1554,16 +1554,16 @@
else else
if [ -n "${users}" ]; then if [ -n "${users}" ]; then
for u in ${users}; do for u in ${users}; do
user_uid=$(getent passwd ${u} 2> /dev/null | ${AWKBINARY} -F: '{print $3}') user_uid=$(getent passwd "${u}" 2> /dev/null | ${AWKBINARY} -F: '{print $3}')
# Only perform search if user exists and we had no match yet # Only perform search if user exists and we had no match yet
if [ -n "${user_uid}" ]; then if [ -n "${user_uid}" ]; then
if [ -z "${FIND}" ]; then if [ -z "${FIND}" ]; then
if [ ${PARTIAL_SEARCH} -eq 1 ]; then if [ ${PARTIAL_SEARCH} -eq 1 ]; then
LogText "Performing ps scan using partial match and for uid ${user_uid}" LogText "Performing ps scan using partial match and for uid ${user_uid}"
FIND=$(${PSBINARY} -u ${user_uid} -o comm= "${search}" | ${AWKBINARY} -v pattern="${search}" '$0 ~ pattern {print}') FIND=$(${PSBINARY} -u "${user_uid}" -o comm= "${search}" | ${AWKBINARY} -v pattern="${search}" '$0 ~ pattern {print}')
else else
LogText "Performing ps scan using exact match and for uid ${user_uid}" LogText "Performing ps scan using exact match and for uid ${user_uid}"
FIND=$(${PSBINARY} -u ${user_uid} -o comm= "${search}" | ${AWKBINARY} -v pattern="^${search}$" '$0 ~ pattern {print}') FIND=$(${PSBINARY} -u "${user_uid}" -o comm= "${search}" | ${AWKBINARY} -v pattern="^${search}$" '$0 ~ pattern {print}')
fi fi
fi fi
fi fi