GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #216 from konstruktoid/issue_212

Browse source 
replace contains with grep
This commit is contained in:
Thomas Sjögren 2017-02-15 15:12:25 +01:00 committed by GitHub
commit 2de8e71d01
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
tests/5_container_runtime.sh
View file

@ -110,7 +110,8 @@ else
# List of sensitive directories to test for. Script uses new-lines as a separator. # List of sensitive directories to test for. Script uses new-lines as a separator.
# Note the lack of identation. It needs it for the substring comparison. # Note the lack of identation. It needs it for the substring comparison.
sensitive_dirs='/boot sensitive_dirs='/
/boot
/dev /dev
/etc /etc
/lib /lib
@ -127,7 +128,9 @@ else
# Go over each directory in sensitive dir and see if they exist in the volumes # Go over each directory in sensitive dir and see if they exist in the volumes
for v in $sensitive_dirs; do for v in $sensitive_dirs; do
sensitive=0 sensitive=0
contains "$volumes" "$v" && sensitive=1 if echo "$volumes" | grep -e "{.*\s$v\s.*true\s}" 2>/tmp/null 1>&2; then
sensitive=1
fi
if [ $sensitive -eq 1 ]; then if [ $sensitive -eq 1 ]; then
# If it's the first container, fail the test # If it's the first container, fail the test
if [ $fail -eq 0 ]; then if [ $fail -eq 0 ]; then