feat: add check for hardened_malloc flatpak preload (#412)

* updated has_permission to use regex matching

* added flatpak check for hardened_malloc

* changed hasPermission to maintain old behavior for strings

files/system/usr/share/ublue-os/just/70-secureblue.just

@@ -356,7 +356,7 @@ audit-secureblue:
         local line=$(grep "^${prefix}=" <<< "$permissions" | sed -e "s/^${prefix}=//" -e "s/#.*//")
         IFS=';' read -r -a list <<< "$line"
         for p in ${list[@]}; do
-            if [[ "$p" == "$query" ]]; then
+            if [[ "$p" =~ ^$query$ ]]; then
                 return
             fi
         done
@@ -572,6 +572,10 @@ audit-secureblue:
                 status="$STATUS_FAILURE"
                 warnings+=("> $f has x11 access!")
             fi
+            if ! hasPermission "$permissions" "LD_PRELOAD" .*"/libhardened_malloc.so"; then
+                status="$STATUS_FAILURE"
+                warnings+=("> $f is not using hardened_malloc!")
+            fi
             flatpak_test_string="Auditing $f"
             print_status "$flatpak_test_string" "$status"
             for warning in "${warnings[@]}"; do