diff --git a/usr/lib/security-misc/permission-hardening b/usr/lib/security-misc/permission-hardening
index 2059644..11f0cc3 100755
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@@ -28,13 +28,13 @@ add_statoverride_entry() {
 ## -u file True if file has its set-user-id bit set.
 ## -g file True if file has its set-group-id bit set.
- if test -h "${file_name}" ; then
+ if test -h "$file_name" ; then
 ## https://forums.whonix.org/t/kernel-hardening/7296/323
- true "skip symlink: ${file_name}"
+ true "skip symlink: $file_name"
 continue
 fi
- if test -u "${file_name}" || test -g "${file_name}"; then
+ if test -u "$file_name" || test -g "$file_name"; then
 string_length_of_existing_mode="${#existing_mode}"
 if [ "$string_length_of_existing_mode" = "4" ]; then
 new_mode="${existing_mode:1}"
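Review bot: The `new_mode` computed from the 4-digit length check at the end of this hunk is never applied — in the following hunk every `dpkg-statoverride --add --update` call passes `"${existing_mode:1}"` directly and `new_mode` only appears in the diagnostic `echo`, so the length branch has no effect on the override that is actually installed. Since this branch is inside the `test -u || test -g` condition, `stat -c %a` should always yield four digits here, so the two are presumably equal today, but the dead branch misleads a reader into thinking the 3-digit case is handled. Either pass `"$new_mode"` in the statoverride calls or drop the length check and the variable. The enclosing `add_statoverride_entry` function and the `while read` that populates `file_name`/`existing_mode` start outside this hunk.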
@@ -42,20 +42,20 @@ add_statoverride_entry() {
 new_mode="${existing_mode}"
 fi
- echo "suid - file_name: '${file_name}' | existing_mode: '${existing_mode}' | new_mode: '$new_mode'"
+ echo "suid - file_name: '$file_name' | existing_mode: '$existing_mode' | new_mode: '$new_mode'"
- if dpkg-statoverride --list | grep -q "${file_name}"; then
- if ! dpkg-statoverride --list | grep -q "${owner} ${group} ${existing_mode:1} ${file_name}"; then
- echo_wrapper dpkg-statoverride --remove "${file_name}"
- echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "${existing_mode:1}" "${file_name}"
+ if dpkg-statoverride --list | grep -q "$file_name"; then
+ if ! dpkg-statoverride --list | grep -q "${owner} ${group} ${existing_mode:1} $file_name"; then
+ echo_wrapper dpkg-statoverride --remove "$file_name"
+ echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "${existing_mode:1}" "$file_name"
 fi
 else
- echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "${existing_mode:1}" "${file_name}"
+ echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "${existing_mode:1}" "$file_name"
 fi
 fi
 done < <( stat -c "%n %a %U %G" "${fso%/}/"** )
 else
- echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "${mode}" "${fso%/}"
+ echo_wrapper dpkg-statoverride --add --update "${owner}" "${group}" "$mode" "${fso%/}"
 fi
 }
@@ -89,14 +89,14 @@ set_file_perms() {
 fi
 nosuid=""
- if [ "${mode}" = "nosuid" ]; then
+ if [ "$mode" = "nosuid" ]; then
 nosuid="true"
- elif ! seq -w 000 4777 | grep -qw "${mode}"; then
- echo "ERROR: Mode '${mode}' is invalid!" >&2
+ elif ! seq -w 000 4777 | grep -qw "$mode"; then
+ echo "ERROR: Mode '$mode' is invalid!" >&2
 continue
 fi
- if [ ! "${mode}" = "nosuid" ]; then
+ if [ ! "$mode" = "nosuid" ]; then
 if ! getent passwd | grep -q "^${owner}:"; then
 echo "ERROR: User '${owner}' does not exist!" >&2
 continue
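Review bot: Both `dpkg-statoverride --list | grep -q ...` checks in this hunk use the file path as an unanchored basic regex, so the existence test for `/usr/bin/su` is satisfied by an existing `/usr/bin/sudo` entry and the "entry already correct" test is satisfied by any line that merely contains the expected text as a substring (`.` in the path also matches any character). When that happens the `else` branch that would add the override is skipped and the SUID bit on that binary is silently left in place, which is the opposite of what the script is for. Match the path as a whole field and the expected entry as a whole fixed line: `if dpkg-statoverride --list | awk -v f="$file_name" '$4 == f { found = 1 } END { exit !found }'; then` and `if ! dpkg-statoverride --list | grep -qxF -- "${owner} ${group} ${existing_mode:1} $file_name"; then`. `add_statoverride_entry` begins before this hunk; the `while read` that fills `file_name` from `stat -c "%n %a %U %G"` is also outside it, so I cannot tell whether paths containing whitespace are handled — the field-based checks above inherit that limitation.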
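Review bot: The mode validation `seq -w 000 4777 | grep -qw "$mode"` in the second hunk enumerates decimal numbers, so non-octal strings such as `0899` or `1999` pass as valid modes, while legitimate combined set-uid/set-gid modes above 4777 (e.g. `6755`) are rejected; `$mode` is also interpreted as a regex, so a value like `...` matches. If I read `seq -w` correctly it zero-pads to four digits, which means a three-digit mode such as `755` never matches under `-w` either — worth confirming against the config files this script consumes. An explicit octal pattern covers all of this in one line: `elif ! printf '%s\n' "$mode" | grep -Eq '^[0-7]{3,4}$'; then` (tighten to `{4}` if only four-digit forms are intended). `set_file_perms` starts before this hunk and continues after it.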
@@ -120,12 +120,12 @@ set_file_perms() {
 add_statoverride_entry
 fi
- if ! [ "${capability}" = "" ]; then
- if [ "${capability}" = "none" ]; then
+ if ! [ "$capability" = "" ]; then
+ if [ "$capability" = "none" ]; then
 echo_wrapper setcap -r "${fso}"
 else
- if ! capsh --print | grep "Bounding set" | grep -q "${capability}"; then
- echo "ERROR: Capability '${capability}' does not exist!" >&2
+ if ! capsh --print | grep "Bounding set" | grep -q "$capability"; then
+ echo "ERROR: Capability '$capability' does not exist!" >&2
 continue
 fi
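Review bot: The capability existence check `grep -q "$capability"` against capsh's "Bounding set" line is an unanchored regex substring match, so a misspelled or truncated name such as `cap_net` or `cap_sys` is reported as existing because `cap_net_admin` / `cap_sys_admin` contain it, and the bogus value then reaches the `setcap` call later in the function. Since capsh lists the bounding set as comma-separated names and `_` is a word constituent, a whole-word fixed-string match is enough: `if ! capsh --print | grep "Bounding set" | grep -qwF -- "$capability"; then`. The body of `set_file_perms`, including the `setcap` that consumes `$capability`, continues past the end of this hunk, so I cannot see whether `echo_wrapper` aborts on a failed `setcap`.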