add cron permissions hardening

Sebastian Gumprich 2021-02-22 09:47:05 +01:00
parent df6b9523cd
commit 06acbe35b8


@ -262,3 +262,22 @@ control 'os-12' do
end
end
end
control 'os-13' do
impact 1.0
title 'Protect cron directories and files'
desc 'The cron directories and files should belong to root.'
cron_files = ['/etc/crontab', '/etc/cron.hourly', '/etc/cron.daily', '/etc/cron.weekly', '/etc/cron.monthly', '/etc/cron.d']
cron_files.each do |cron_file|
next unless file(cron_file).exist?
describe file(cron_file) do
it { should be_owned_by 'root' }
it { should_not be_writable.by('group') }
it { should_not be_writable.by('other') }
it { should_not be_readable.by('group') }
it { should_not be_readable.by('other') }
end
end
end
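Review bot: The `describe file(cron_file)` block in os-13 tests the read and write bits for group and other but never the execute bit, and five of the six listed paths are directories, where the execute bit is what permits traversal. A directory left at mode 0711 would therefore pass. I would add `it { should_not be_executable.by('group') }` and `it { should_not be_executable.by('other') }`, plus `it { should be_grouped_into 'root' }` if the baseline expects root:root. The loop also inspects only the listed paths themselves, so a group- or world-writable script inside /etc/cron.daily or /etc/cron.d is not caught by this control. The `desc` mentions ownership only; it should also say that group and other get no access, so the text matches what is tested.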