Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2024-11-23 03:33:02 +00:00
Code Issues Projects Releases Packages Wiki Activity
323 commits 17 branches 31 tags 478 KiB
Commit graph

81 commits

Author SHA1 Message Date
bitvijays
3303c00721 CIS 1.5.4 Ensure prelink is disabled 
Signed-off-by: bitvijays <bitvijays@gmail.com>
 2017-07-04 02:04:40 +05:30
Christoph Hartmann
e192b1e766 Merge pull request #70 from mcgege/os-02 
os-02: Fix for SUSE environments
 2017-06-27 04:51:21 -07:00
Michael Geiger
c310414967 os-02: Fix for SUSE environments 
Signed-off-by: Michael Geiger <michael.geiger@telekom.de>
 2017-06-27 09:51:39 +02:00
Michael Geiger
c439a23d3b On SUSE environments 'auditd' is part of package 'audit' 2017-06-26 11:59:23 +02:00
Patrick Münch
105ec0fc99 Merge pull request #63 from artem-forks/num_logs 
num_logs has different values on different distros
 2017-05-31 11:56:23 +02:00
Alex Pop
4f5fc943dd Use only_if to avoid upload warning 2017-05-30 11:37:27 +01:00
Alex Pop
085b42857e Use assignment_regex and bump profile version 2017-05-30 11:27:37 +01:00
Artem Sidorenko
4d63500d9a num_logs has different values on different distros 
on debian 7 its 4, on everything else its 5

Lets remove this as it looks related only to logrotation
 2017-05-27 21:53:57 +02:00
Artem Sidorenko
deb96a624e Allow verification if kernel modules loading is disabled 
Signed-off-by: Artem Sidorenko <artem@posteo.de>
 2017-05-22 19:53:35 +02:00
Artem Sidorenko
97c7be99d2 Fix: more generic auditd settings 
in order to match the defaults of all mainstream distros

Some of settings are removed, as the defaults of distros are different,
based on the intention of author [1] they are also not really important here

[1]: https://github.com/dev-sec/linux-baseline/pull/44#commitcomment-21381289

Signed-off-by: Artem Sidorenko <artem@posteo.de>
 2017-05-10 23:53:43 +02:00
Artem Sidorenko
e3df2dbb13 Verify the dump path only if dumpable is set to suidsafe 
See this discussion 790371c5fd (commitcomment-21277650)
 2017-03-13 19:56:44 +01:00
Artem Sidorenko
8f763e51b4 Properly verify the kernel dump setting 
0 and 2 are the allowed options
 2017-03-12 17:48:32 +01:00
iamthemuffinman
50f719d9f6 Use one block 2017-02-16 11:27:32 -05:00
iamthemuffinman
31ca8e8f98 auditd package is called audit in the rhel family 2017-02-15 17:16:40 -05:00
Patrick Münch
50e28b58ea Merge pull request #44 from juju4/master 
essay: differentiate redhat/debian, add extra conditions
 2017-02-08 21:07:28 +01:00
techraf
7972eca00c Check 'net.ipv4.conf.default.send_redirects' instead of 'net.ipv4.conf.all.send_redirects' twice 2017-01-13 08:48:27 +09:00
juju4
1ec817fe20 fix rubocop Conventions 2016-12-22 04:58:26 -05:00
juju4
ed00917131 fix rubocop Conventions 2016-12-22 04:55:31 -05:00
juju4
c27fc05aee fix rubocop Conventions 2016-12-22 04:50:09 -05:00
juju4
50abb79577 fix rubocop Conventions 2016-12-22 04:45:40 -05:00
juju4
1726723827 fix rubocop Conventions 2016-12-22 04:39:14 -05:00
juju4
f207161143 fix rubocop Conventions 2016-12-22 04:34:49 -05:00
juju4
e62cb3f0ef fix rubocop Conventions 2016-12-22 04:27:09 -05:00
juju4
4b029d7e99 fix rubocop Conventions 2016-12-22 04:23:07 -05:00
juju4
b2cd7ee312 fix rubocop Conventions 2016-12-22 04:17:32 -05:00
juju4
e297ff2b1e fix rubocop Warning and most Conventions 2016-12-22 04:09:07 -05:00
juju4
cdcc9f7721 use attributes, include PR feedback 2016-12-21 13:53:32 -05:00
juju4
790371c5fd differentiate redhat/debian test, add extra conditions like entropy or ENV dependent test 2016-09-18 16:38:55 -04:00
Christoph Hartmann
bb7c532f0f bug fix cpu flags and change default for net.ipv4.conf.all.log_martians 2016-04-29 15:16:57 +02:00
Christoph Hartmann
8ff2ada319 improve style 2016-04-29 13:02:19 +02:00
Christoph Hartmann
dd9706cb45 migrate to inspec profile 2016-04-29 13:02:05 +02:00