Add option to ignore symlinks completely

[blenk92]

When analyzing a complete rootfs (which might not be the rootfs of the
analyzing system) symlink within that rootfs might be broken. In
particular absolute symlinks. However, if by chance such a symlink
currently points to a valid binary in your system, this binary pointed
to is analyzed. This commit adds the possibility to ignore symlinks to
files (symlinks to dirs are already ignored by default). This allows to
solve the issue described above, and if the whole rootfs is analyzed
there shouldn't be a loss of information (because all the binaries will
be analyzed anyway). Additionally, this also saves some time when
performing the analysis.

[Wenzel]

The issue is that this line will yield any path, and not filter on the symlink as expected.

for example, if you have some symlinks in /usr/lib (/usr/lib/cpp -> /etc/alternatives/cpp),
running checksec.py -i /usr/lib will still yield /usr/lib/cpp because it goes through that yield from

Can you find a way to rework that function ?

[Wenzel]

This is a fix, I duplicated the condition:

def walk_filepath_list(filepath_list: List[Path], recursive: bool = False, ignore_symlinks: bool = False) -> Iterator[Path]:
    for path in filepath_list:
        if path.is_dir() and not path.is_symlink():
            if recursive:
                for f in os.scandir(path):
                    yield from walk_filepath_list([Path(f)], recursive, ignore_symlinks)
            else:
                yield from (Path(f) for f in os.scandir(path) if f.is_file()
                        and (not ignore_symlinks or not f.is_symlink()))
        elif path.is_file() and (not ignore_symlinks or not path.is_symlink()):
            yield path

but i don't like duplication 😕

[blenk92]

Hi, sure i can try to come up with something ;-)

[blenk92]

hope switching to os.walk() is fine for you, seemed a bit simpler to me ;-)