Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2025-02-16 17:58:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #71 from bitvijays/cis_disable_unused_filesystem

Browse source 
1.1.1 CIS Disable unused filesystem
This commit is contained in:
Patrick Münch 2017-07-07 07:12:17 +02:00 committed by GitHub
commit 38573dda17
1 changed files with 16 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
controls/os_spec.rb
View file

@ -224,3 +224,19 @@ control 'os-09' do
it { should be_empty }
end
end
control 'os-10' do
impact 1.0
title 'CIS: Disable unused filesystems'
desc '1.1.1 Ensure mounting of cramfs, freevxfs, jffs2, hfs, hfsplus, squashfs, udf, FAT'
describe file('/etc/modprobe.d/dev-sec.conf') do
its(:content) { should match 'install cramfs /bin/true' }
its(:content) { should match 'install freevxfs /bin/true' }
its(:content) { should match 'install jffs2 /bin/true' }
its(:content) { should match 'install hfs /bin/true' }
its(:content) { should match 'install hfsplus /bin/true' }
its(:content) { should match 'install squashfs /bin/true' }
its(:content) { should match 'install udf /bin/true' }
its(:content) { should match 'install vfat /bin/true' }
end
end