diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2019-06-24 16:23:30 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-06-24 16:23:30 +0300 |
| commit | 6f3c268c57ae196ccfc4f0c4b3f620f20653d642 (patch) | |
| tree | 6bd3bbfb252bd0fb8604310327e506d8ebbb34fb | |
| parent | f6f7a69857c59ca0c02e7c8bcab53784388e89f2 (diff) | |
Non-functional code removed as it does not work as intended and lacks required validation controls - Thanks to Sander Bos for reporting
| -rw-r--r-- | include/helper_audit_dockerfile | 25 |
1 files changed, 7 insertions, 18 deletions
diff --git a/include/helper_audit_dockerfile b/include/helper_audit_dockerfile index efe73d28..273bb347 100644 --- a/include/helper_audit_dockerfile +++ b/include/helper_audit_dockerfile @@ -19,25 +19,14 @@ ################################################################################# if [ $# -eq 0 ]; then - Display --indent 2 --text "${RED}Error: ${WHITE}Provide URL or file${NORMAL}" + Display --indent 2 --text "${RED}Error: ${WHITE}Provide a file${NORMAL}" Display --text " "; Display --text " " ExitFatal else FILE=$(echo $1 | egrep "^http|https") if HasData "${FILE}"; then - CreateTempFile - TMP_FILE="${TEMP_FILE}" - Display --indent 2 --text "Downloading URL ${FILE} with wget" - wget -o ${TMP_FILE} ${FILE} - if [ $? -gt 0 ]; then - AUDIT_FILE="${TMP_FILE}" - else - if [ -f ${TMP_FILE} ]; then - rm -f ${TMP_FILE} - fi - Display --indent 2 --text "${RED}Error: ${WHITE}can not download file${NORMAL}" - ExitFatal - fi + echo "Provide a file (not a URL)" + ExitFatal else if [ -f $1 ]; then AUDIT_FILE="$1" @@ -110,14 +99,14 @@ InsertSection "Basics" #FIND=$(egrep "^MAINTAINER" ${AUDIT_FILE} | sed 's/ /:space:/g') FIND=$(egrep -i "*MAINTAINER" ${AUDIT_FILE} | sed 's/=/ /g' | cut -d'"' -f 2) - if [ "${FIND}" = "" ]; then + if [ -z "${FIND}" ]; then ReportWarning "dockerfile" "No maintainer found. Unclear who created this file." else #MAINTAINER=$(echo ${FIND} | sed 's/:space:/ /g' | awk '{ if($1=="MAINTAINER") { print }}') MAINTAINER=$(echo ${FIND}) Display --indent 2 --text "Maintainer" --result "${MAINTAINER}" fi - + FIND=$(grep "^ENTRYPOINT" ${AUDIT_FILE} | cut -d' ' -f2 ) if [ "${FIND}" = "" ]; then ReportWarning "dockerfile" "No ENTRYPOINT defined in Dockerfile." @@ -127,7 +116,7 @@ InsertSection "Basics" fi FIND=$(grep "^CMD" ${AUDIT_FILE} | cut -d' ' -f2 ) - if [ "${FIND}" = "" ]; then + if [ -z "${FIND}" ]; then ReportWarning "dockerfile" "No CMD defines in Dockerfile." else CMD=$(echo ${FIND}) @@ -135,7 +124,7 @@ InsertSection "Basics" fi FIND=$(grep "^USER" ${AUDIT_FILE} | cut -d' ' -f2 ) - if [ "${FIND}" = "" ]; then + if [ -z "${FIND}" ]; then ReportWarning "dockerfile" "No user declared in Dockerfile. Container will execute command as root" else USER=$(echo ${FIND}) |