diff options
author | Katka Durechova <durechova@ynet.sk> | 2018-10-27 21:19:08 +0300 |
---|---|---|
committer | Katka Durechova <durechova@ynet.sk> | 2018-10-27 21:19:08 +0300 |
commit | 5b09da0d9878096d45f04b858c4f65e674369ab4 (patch) | |
tree | 9b74ab327ec4471a88f6f691acd9ce3915ab3a3b /lynis | |
parent | 57cd296f6331d09aaf3dfa7f6e455f7c216c49ae (diff) |
Store log and data file in home directory for non-privileged usage
Diffstat (limited to 'lynis')
-rwxr-xr-x | lynis | 18 |
1 files changed, 9 insertions, 9 deletions
@@ -236,21 +236,21 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta # Disable logging if no alternative was provided if [ ${PRIVILEGED} -eq 0 ]; then if [ -z "${LOGFILE}" ]; then - # Try creating a log file in temporary directory - if [ ! -f /tmp/lynis.log ]; then - if [ -L /tmp/lynis.log ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi - touch /tmp/lynis.log - if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi + # Try creating a log file in home directory + if [ ! -f "$HOME/lynis.log" ]; then + if [ -L "$HOME/lynis.log" ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi + touch "$HOME/lynis.log" + if [ $? -eq 0 ]; then LOGFILE="$HOME/lynis.log"; else LOGFILE="/dev/null"; fi else - LOGFILE="/tmp/lynis.log" + LOGFILE="$HOME/lynis.log" fi else if [ -L "${LOGFILE}" ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi fi if [ -z "${REPORTFILE}" ]; then - touch /tmp/lynis-report.dat - if [ -L /tmp/lynis-report.dat ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi - if [ $? -eq 0 ]; then REPORTFILE="/tmp/lynis-report.dat"; else REPORTFILE="/dev/null"; fi + touch "$HOME/lynis-report.dat" + if [ -L "$HOME/lynis-report.dat" ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi + if [ $? -eq 0 ]; then REPORTFILE="$HOME/lynis-report.dat"; else REPORTFILE="/dev/null"; fi else if [ -L "${REPORTFILE}" ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi fi |