btbars / unix-privesc-check

Automatically exported from code.google.com/p/unix-privesc-check
0 stars 0 forks source link

Fix binary regex syntax errors #44

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
I'm receiving syntax errors in some of the checks which use 
`binary_matches_string_grep`. For example, running a check from 
lib/checks/privileged_arguments manually:

 sh-4.3$ y="`binary_matches_string_grep \"/tmp/foo\" \"\$[\{]*[[:digit:]][\}]*\"`"
 sh: \{: syntax error: operand expected (error token is "\{")

Patch attached.

It seems to me that the privileged_environment_variables check will alert for 
any script using $-style variables, not necessarily environment variables. So, 
I'm a bit concerned as to how noisy it will be.

Original issue reported on code.google.com by JJC...@googlemail.com on 2 Mar 2015 at 11:53

Attachments: