Permalink
Browse files

Update caspercheck.sh

Updating caspercheck.sh to fix a race condition security vulnerability.
  • Loading branch information...
1 parent c2d081c commit 35e4e1d6ba9f363b894b36535b151637eb70602e @rtrouton committed on GitHub Nov 7, 2016
Showing with 15 additions and 16 deletions.
  1. +15 −16 script/caspercheck.sh
View
@@ -33,7 +33,7 @@ log_location="/var/log/caspercheck.log"
#
quickadd_dir="/var/root/quickadd"
-quickadd_zip="/tmp/quickadd.zip"
+quickadd_zip="$quickadd_dir/quickadd.zip"
quickadd_installer="$quickadd_dir/casper.pkg"
quickadd_timestamp="$quickadd_dir/quickadd_timestamp"
@@ -111,6 +111,18 @@ CheckSiteNetwork (){
update_quickadd () {
+ # Create the destination directory if needed
+
+ if [[ ! -d "$quickadd_dir" ]]; then
+ mkdir "$quickadd_dir"
+ fi
+
+ # If needed, remove existing files from the destination directory
+
+ if [[ -d "$quickadd_dir" ]]; then
+ /bin/rm -rf "$quickadd_dir"/*
+ fi
+
# Get modification date of fileURL
modDate=$(myCurl --head $fileURL 2>/dev/null | awk -F': ' '/Last-Modified/{print $2}')
@@ -141,19 +153,7 @@ update_quickadd () {
rm "$quickadd_zip"
exit 0
fi
-
- # Create the destination directory if needed
-
- if [[ ! -d "$quickadd_dir" ]]; then
- mkdir "$quickadd_dir"
- fi
-
- # If needed, remove existing files from the destination directory
-
- if [[ -d "$quickadd_dir" ]]; then
- /bin/rm -rf "$quickadd_dir"/*
- fi
-
+
# Unzip the Casper agent install into the destination directory
# and remove the __MACOSX directory, which is created as part of
# the uncompression process from the destination directory.
@@ -176,8 +176,7 @@ update_quickadd () {
if [[ ! -f "$quickadd_timestamp" ]]; then
echo $modDate > "$quickadd_timestamp"
fi
-
-
+
}
CheckTomcat (){

0 comments on commit 35e4e1d

Please sign in to comment.