From 9ba0361be0fb665289e582d8911615361896446e Mon Sep 17 00:00:00 2001
From: Charles Herlin <charles.herlin@corp.ovh.com>
Date: Wed, 23 Jan 2019 16:55:48 +0100
Subject: [PATCH] FIX: quotes in find command, misinterpreted shellcheck advice

---
 bin/hardening/12.10_find_suid_files.sh | 3 ++-
 bin/hardening/12.11_find_sgid_files.sh | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/bin/hardening/12.10_find_suid_files.sh b/bin/hardening/12.10_find_suid_files.sh
index 358cbe0..5aba506 100755
--- a/bin/hardening/12.10_find_suid_files.sh
+++ b/bin/hardening/12.10_find_suid_files.sh
@@ -19,7 +19,8 @@ DESCRIPTION="Find SUID system executables."
 audit () {
     info "Checking if there are suid files"
     FS_NAMES=$(df --local -P | awk '{ if (NR!=1) print $6 }' )
-    FOUND_BINARIES=$( $SUDO_CMD find "$FS_NAMES" -xdev -type f -perm -4000 -print)
+    # shellcheck disable=2086
+    FOUND_BINARIES=$( $SUDO_CMD find $FS_NAMES -xdev -type f -perm -4000 -print)
     BAD_BINARIES=""
     for BINARY in $FOUND_BINARIES; do
         if grep -qw "$BINARY" <<< "$EXCEPTIONS"; then
diff --git a/bin/hardening/12.11_find_sgid_files.sh b/bin/hardening/12.11_find_sgid_files.sh
index c9b2802..cce98b6 100755
--- a/bin/hardening/12.11_find_sgid_files.sh
+++ b/bin/hardening/12.11_find_sgid_files.sh
@@ -19,7 +19,8 @@ DESCRIPTION="Find SGID system executables."
 audit () {
     info "Checking if there are sgid files"
     FS_NAMES=$(df --local -P | awk '{ if (NR!=1) print $6 }' )
-    FOUND_BINARIES=$( $SUDO_CMD find "$FS_NAMES" -xdev -type f -perm -2000 -print)
+    # shellcheck disable=2086
+    FOUND_BINARIES=$( $SUDO_CMD find $FS_NAMES -xdev -type f -perm -2000 -print)
     BAD_BINARIES=""
     for BINARY in $FOUND_BINARIES; do
         if grep -qw "$BINARY" <<< "$EXCEPTIONS"; then