[Fix] find_recentopts incorrectly escaping find options to the right …

…of ( -mtime .. -ctime ); previously normalized by eval; issue #440, pr#442

[Fix] persist configuration value inotify_docroot between upgrades; issue #439

CHANGELOG

@@ -1,3 +1,7 @@
+v1.6.6.1  | Feb 25 2025:
+[Fix] find_recentopts incorrectly escaping find options to the right of ( -mtime .. -ctime ); previously normalized by eval; issue #440, pr#442
+[Fix] persist configuration value inotify_docroot between upgrades; issue #439
+
 v1.6.6 | Feb 19 2025:
 [Fix] replaced eval usage in dynamic execution to improve security; thank you for responsible disclosure from barrebas
 [Fix] malware notification emails to ignore inactive siteworx users; pr #425

CHANGELOG.RELEASE

@@ -1,3 +1,5 @@
+v1.6.6.1  | Feb 25 2025:
+[Fix] find_recentopts incorrectly escaping find options to the right of ( -mtime .. -ctime ); previously normalized by eval; issue #440, pr#442
 [Fix] persist configuration value inotify_docroot between upgrades; issue #439
 
 v1.6.6 | Feb 19 2025:

files/internals/functions

@@ -1156,19 +1156,15 @@ scan() {
 	if [ "$file_list" ]; then
 		cat $file_list | grep -E -vf $ignore_paths > $find_results
 	else
-		if [ "$single_filescan" ]; then
-			find_recentops=""
-		elif [ "$days" == "all" ]; then
+		if [ "$days" == "all" ]; then
 			if [ -z "$hscan" ]; then
 				eout "{scan} building file list for $hrspath, this might take awhile..." 1
 			fi
-			find_recentops=""
 		else
 			rscan=1
 			if [ -z "$hscan" ]; then
 				eout "{scan} building file list for $hrspath of new/modified files from last $days days, this might take awhile..." 1
 			fi
-			find_recentopts="\( -mtime -$days -o -ctime -$days \)"
 		fi
 
 		if [ -z "$scan_find_timeout" ];then
@@ -1194,8 +1190,14 @@ scan() {
 		        fi
 		    done < "$ignore_paths"
 		fi
-		eout "{scan} executed $nice_command $find $spath $spath_tmpdirs $find_prune -maxdepth $scan_max_depth $find_opts -type f $find_recentopts -size +${scan_min_filesize}c -size -$scan_max_filesize $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group"
-		$nice_command $find /lmd_find/ "${spaths[@]}" $spath_tmpdirs $find_prune -maxdepth "$scan_max_depth" $find_opts -type f $find_recentopts -size +"${scan_min_filesize}c" -size -"${scan_max_filesize}" $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group 2>/dev/null | grep -E -vf "$ignore_paths" > $find_results
+		if [ "$days" == "all" ]; then
+			eout "{scan} executed $nice_command $find $spath $spath_tmpdirs $find_prune -maxdepth $scan_max_depth $find_opts -type f -size +${scan_min_filesize}c -size -$scan_max_filesize $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group"
+			$nice_command $find /lmd_find/ "${spaths[@]}" $spath_tmpdirs $find_prune -maxdepth "$scan_max_depth" $find_opts -type f -size +"${scan_min_filesize}c" -size -"${scan_max_filesize}" $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group 2>/dev/null | grep -E -vf "$ignore_paths" > $find_results
+		else
+			eout "{scan} executed $nice_command $find $spath $spath_tmpdirs $find_prune -maxdepth $scan_max_depth $find_opts \( -mtime -${days} -o -ctime -${days} \) -type f -size +${scan_min_filesize}c -size -$scan_max_filesize $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group"
+			$nice_command $find /lmd_find/ "${spaths[@]}" $spath_tmpdirs $find_prune -maxdepth "$scan_max_depth" $find_opts  \( -mtime -${days} -o -ctime -${days} \) -type f -size +"${scan_min_filesize}c" -size -"${scan_max_filesize}" $include_regex -not -perm 000 $exclude_regex $ignore_fext $ignore_root $ignore_user $ignore_group 2>/dev/null | grep -E -vf "$ignore_paths" > $find_results
+		fi
+
 		cd $tmpdir
 		rm -rf $tmpscandir
 		if [ "$rscan" = "1" ] && [ "$scan_export_filelist" == "1" ]; then

files/maldet

@@ -235,6 +235,7 @@ else
 				trap trap_exit 2
 				shift
 				spath="$1"
+				hrspath="$1"
 				shift
 				days="$1"
 				if [ -z "$spath" ]; then