Merge pull request #141 from schurzi/docker_cpuvuln

only check cpu vulnerabilities if not in container
Michée lengronne 2020-12-16 22:04:11 +01:00 committed by GitHub
commit a0de5c6553
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

@ -243,6 +243,7 @@ control 'os-12' do
impact 1.0
title 'Detect vulnerabilities in the cpu-vulnerability-directory'
desc 'Check for known cpu vulnerabilities described here: https://www.kernel.org/doc/html/v5.6/admin-guide/hw-vuln/index.html'
only_if { !container_execution }
if file(cpuvulndir).exist?
describe file(cpuvulndir) do
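Review bot: The `only_if { !container_execution }` guard in control 'os-12' carries no skip message, so a container scan will report this impact 1.0 control as skipped without saying why. Consider passing a reason, for example `only_if('CPU vulnerability check is skipped inside containers') { !container_execution }`, and extending the `desc` to state that the control applies only outside containers. `container_execution` is defined outside the lines shown here, so it is worth confirming it is in scope at this point in the file, and the commit message or a comment could say why the check does not apply in a container, since the hunk alone gives no rationale.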