From 8fde6723e2e3dda5268783af43f2c790a3cf0b0c Mon Sep 17 00:00:00 2001
From: Michael Boelen
Date: Sat, 25 Nov 2017 16:37:28 +0100
Subject: Additional checks for log and report file
---
 lynis | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/lynis b/lynis
index 5674f6a8..7c2fd33d 100755
--- a/lynis
+++ b/lynis
@@ -238,15 +238,21 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
 if [ -z "${LOGFILE}" ]; then
 # Try creating a log file in temporary directory
 if [ ! -f /tmp/lynis.log ]; then
+ if [ -L /tmp/lynis.log ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
 touch /tmp/lynis.log
 if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
 else
 LOGFILE="/tmp/lynis.log"
 fi
+ else
+ if [ -L "${LOGFILE}" ]; then echo "Log file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
 fi
 if [ -z "${REPORTFILE}" ]; then
 touch /tmp/lynis-report.dat
+ if [ -L /tmp/lynis-report.dat ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
 if [ $? -eq 0 ]; then REPORTFILE="/tmp/lynis-report.dat"; else REPORTFILE="/dev/null"; fi
+ else
+ if [ -L "${REPORTFILE}" ]; then echo "Report file is symlinked, which can introduce the risk of a symlink attack."; exit 1; fi
 fi
 fi
 #
-- 
cgit v1.2.3
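Review bot: In the report-file branch the new `-L` test sits between `touch /tmp/lynis-report.dat` and `if [ $? -eq 0 ]`, so `$?` now carries the status of the `if [ -L ... ]; fi` compound (0 whenever the path is not a symlink) instead of the status of `touch`; the `/dev/null` fallback becomes unreachable, and `touch` has already followed any symlink before the test runs. Moving the test above the `touch` line addresses both. In the log-file branch the test is reached only when `[ ! -f /tmp/lynis.log ]` is true, and `-f` follows links, so a symlink that points at an existing regular file falls into the `else` arm and `LOGFILE="/tmp/lynis.log"` is accepted unchecked; the test belongs before `if [ ! -f /tmp/lynis.log ]`. Even with both moved, the check and the later write remain separate steps on a predictable name in a world-writable directory, so a comment such as `# NOTE: check-then-use on /tmp is still racy; prefer a private directory (mktemp -d)` would document the residual risk. The outermost `if` closed by the last `fi` starts outside the hunk.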