mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-22 22:15:22 +01:00
Do not accidentally overwrite policies when creating new policy with -M.
parent
adc1007d7d
commit
1faa24ad86
14
ssh-audit.py
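--- a/ssh-audit.py
+++ b/ssh-audit.py
@@ -3206,10 +3206,18 @@ def make_policy(aconf: AuditConf, banner: Optional['SSH.Banner'], kex: Optional[
 if aconf.policy_file is None:
 raise RuntimeError('Internal error: cannot write policy file since filename is None!')
 
-with open(aconf.policy_file, 'w') as f:
-f.write(policy_data)
+# Open with mode 'x' (creates the file, or fails if it already exist).
+succeeded = True
+try:
+with open(aconf.policy_file, 'x') as f:
+f.write(policy_data)
+except FileExistsError:
+succeeded = False
 
-print("Wrote policy to %s. Customize as necessary." % aconf.policy_file)
+if succeeded:
+print("Wrote policy to %s. Customize as necessary, then run a policy scan with -P option." % aconf.policy_file)
+else:
+print("Error: file already exists: %s" % aconf.policy_file)
 
 
 class Utils: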
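Review bot: The file-exists branch at the end of make_policy only prints to stdout and then falls through, so nothing in this hunk tells the caller that no policy was written. A script driving -M could treat the run as successful; the exit status is decided outside the hunk, so this is worth confirming. Consider sending the message to stderr, e.g. `print("Error: file already exists: %s" % aconf.policy_file, file=sys.stderr)`, and signalling failure with a non-zero exit or a boolean return the caller checks. Only FileExistsError is caught, so other open() failures such as a permission error still propagate as an uncaught exception. The function's start lies outside the hunk.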