Mirrors/linux-baseline
2
0
Fork 0
mirror of https://github.com/dev-sec/linux-baseline synced 2025-02-16 09:48:25 +00:00
Code Issues Projects Releases Packages Wiki Activity

Commit graph

  • b4dc774c06
         Merge 90ce40c337 into 4a44c941db #189 Mikhail 2024-08-21 20:32:41 +00:00
  • 90ce40c337 Add two more checks for PATH env variable #189 Mikhail 2024-08-21 23:24:35 +03:00
  • cc75ffbe12
         Merge 4cf0f0ab3c into 4a44c941db #186 TejaRajK 2024-08-21 23:27:53 +03:00
  • 4a44c941db update inspec.yml and changelog master 2.9.0 dev-sec CI 2024-08-21 07:50:33 +00:00
  • 9805ec5d07
         Repair release workflow schurzi 2024-08-21 09:49:23 +02:00
  • d06e065952
         Use current source for CINC packages schurzi 2024-08-21 09:37:12 +02:00
  • 1e45e05f8b
         Update sysctl_spec.rb #187 TejaRajK 2024-05-15 23:49:06 +05:30
  • a193230b44
         Update sysctl_spec.rb TejaRajK 2024-05-15 10:21:23 +05:30
  • 82487873d1
         Update sysctl_spec.rb TejaRajK 2024-05-15 10:09:50 +05:30
  • f7c03eac42
         Update sysctl_spec.rb TejaRajK 2024-05-14 23:17:32 +05:30
  • 50c21a02a7
         Update sysctl_spec.rb TejaRajK 2024-05-14 22:52:59 +05:30
  • dd01711bfc
         Update sysctl_spec.rb TejaRajK 2024-05-14 17:29:35 +05:30
  • 238d967a95
         Update sysctl_spec.rb TejaRajK 2024-05-14 17:05:51 +05:30
  • 31322d5adf
         Update sysctl_spec.rb TejaRajK 2024-05-14 16:13:26 +05:30
  • 1565b08e6b
         Update sysctl_spec.rb TejaRajK 2024-05-14 15:26:20 +05:30
  • dd7e8a87cc
         Update os_spec.rb TejaRajK 2024-05-14 14:29:58 +05:30
  • 09773bc19b
         Update os_spec.rb TejaRajK 2024-05-14 13:30:27 +05:30
  • 4cf0f0ab3c
         Update os_spec.rb #186 TejaRajK 2024-05-14 11:00:48 +05:30
  • c136bd7e4f
         Update os_spec.rb TejaRajK 2024-05-14 10:31:19 +05:30
  • 34a1960ada
         Update os_spec.rb #185 TejaRajK 2024-05-09 22:21:35 +05:30
  • 0adb7a2c57 update inspec.yml and changelog dev-sec CI 2023-11-19 15:51:11 +00:00
  • 1b2026ff42
         Merge pull request #184 from dev-sec/inspec6 schurzi 2023-11-19 16:50:04 +01:00
  • 19825b5565 fix formating #184 Martin Schurz 2023-11-19 16:49:11 +01:00
  • ba94b91d38 add all inputs Martin Schurz 2023-11-19 01:12:44 +01:00
  • d079b4a57f use only metadata Martin Schurz 2023-11-19 01:07:22 +01:00
  • b850f351b6 ensure compatibility with new inspec version Martin Schurz 2023-11-18 21:35:28 +01:00
  • 11471d5507 ensure compatibility with new inspec version Martin Schurz 2023-11-18 21:27:23 +01:00
  • fe9081f632 update inspec.yml and changelog dev-sec CI 2023-05-02 12:53:14 +00:00
  • 9d57fead33
         Merge pull request #183 from dev-sec/codespell schurzi 2023-05-02 14:51:35 +02:00
  • 6cfbd386f0 fix spelling errors #183 Martin Schurz 2023-04-30 19:11:41 +02:00
  • fe8a9eff9f add codespell action Martin Schurz 2023-04-30 19:01:33 +02:00
  • ce0e4c6a31 update inspec.yml and changelog dev-sec CI 2023-03-31 08:43:53 +00:00
  • 7b4d99ac85
         Merge pull request #182 from dev-sec/renovate/configure schurzi 2023-03-31 10:42:08 +02:00
  • 23c1c028a3 configure renovate #182 Martin Schurz 2023-03-31 10:41:46 +02:00
  • 641ad36898
         Add renovate.json renovate[bot] 2023-03-29 21:44:26 +00:00
  • fe97ab4671 test ruby3 #181 ruby3 Martin Schurz 2022-12-30 14:34:25 +01:00
  • d962a5de64 update inspec.yml and changelog dev-sec CI 2022-12-12 08:42:57 +00:00
  • 823e2b9dce
         Merge pull request #180 from dev-sec/fix_sysctl_ipv6 schurzi 2022-12-12 09:41:06 +01:00
  • 7a6e7162fe fix wrong sysctl #180 fix_sysctl_ipv6 Sebastian Gumprich 2022-12-12 09:13:26 +01:00
  • fcd64d719c update inspec.yml and changelog dev-sec CI 2022-11-30 15:18:51 +00:00
  • 7075e76ed9
         Merge pull request #179 from dev-sec/extend_sysctls schurzi 2022-11-30 16:17:04 +01:00
  • c15739b961 extend sysctls for ipv6 #179 extend_sysctls Sebastian Gumprich 2022-11-30 15:21:55 +01:00
  • 666e709253 update inspec.yml and changelog dev-sec CI 2022-10-28 05:18:33 +00:00
  • ecf5ab6563
         Merge pull request #178 from dev-sec/central_workflow Sebastian Gumprich 2022-10-28 07:16:53 +02:00
  • 4b7d398376 use centralised issue templates and workflows #178 central_workflow Martin Schurz 2022-10-26 20:17:26 +02:00
  • faa71996fb update inspec.yml and changelog dev-sec CI 2022-09-29 07:24:47 +00:00
  • 48f72d8c10
         Update release.yml 2.8.3 Sebastian Gumprich 2022-09-29 09:23:02 +02:00
  • 7d75f2a0c1
         Update release.yml Sebastian Gumprich 2022-09-29 09:21:18 +02:00
  • 7ce5a1d218
         Merge pull request #177 from dev-sec/rndmh3ro-patch-1 schurzi 2022-09-24 15:46:05 +02:00
  • a04baec3b3 remove entropy-test #177 Sebastian Gumprich 2022-09-23 13:09:37 +02:00
  • 436bf2f4ae
         Merge pull request #175 from dev-sec/ubuntu22 schurzi 2022-08-06 15:55:57 +02:00
  • 92cedeb529 only disable SquashFS if it's not needed #175 Martin Schurz 2022-08-06 15:08:28 +02:00
  • 81ce2ab60c
         Merge pull request #172 from dev-sec/protected_fifos schurzi 2022-07-11 12:17:52 +02:00
  • 5247b07871 fix handling of sysctl fs.protected_fifos and fs.protected_regular #172 Martin Schurz 2022-07-11 12:05:53 +02:00
  • 34b215b87c update inspec.yml and changelog dev-sec CI 2022-03-18 19:46:30 +00:00
  • 07929ea2d1
         Merge pull request #169 from dev-sec/newlint schurzi 2022-03-18 20:44:54 +01:00
  • e646854c33 apply cookstyle fixes #169 newlint Martin Schurz 2022-03-18 20:41:09 +01:00
  • b06edb2adc use cookstyle for linting Martin Schurz 2022-03-18 20:39:51 +01:00
  • f0084b869f update inspec.yml and changelog dev-sec CI 2022-02-14 10:02:12 +00:00
  • f1bff02e51
         Merge pull request #168 from magmax/master Michée lengronne 2022-02-14 11:00:03 +01:00
  • 10657ca958 Improve SUID find #168 Miguel Angel Garcia 2022-02-12 10:44:21 +01:00
  • 99a7016135 update inspec.yml and changelog 2.8.2 dev-sec CI 2022-01-12 17:22:46 +00:00
  • 8e3a25a606
         Merge pull request #167 from dev-sec/micheelengronne-patch-1 Michée lengronne 2022-01-12 18:20:45 +01:00
  • e679f92128 missing inputs changed #167 Michée lengronne 2022-01-12 18:12:38 +01:00
  • 4b079b3489 update inspec.yml and changelog 2.8.1 dev-sec CI 2022-01-12 16:19:03 +00:00
  • b5284b923e
         use input instead of attribute (#166) Michée lengronne 2022-01-12 17:17:16 +01:00
  • 00317f6313 Update Rakefile #166 Michée lengronne 2022-01-12 13:11:55 +01:00
  • c40aefa220 Update inspec.yml Michée lengronne 2022-01-12 12:33:42 +01:00
  • 486bcd650b Update sysctl_spec.rb Michée lengronne 2022-01-12 11:37:17 +01:00
  • 5bd9ca15fc use input instead of attribute Michée lengronne 2022-01-12 11:36:23 +01:00
  • fd9581afec update inspec.yml and changelog dev-sec CI 2021-11-23 11:07:35 +00:00
  • 1840dbb624
         feat: add rules to check noexec, nosuid and nodev mount options (#164) Claudius Heine 2021-11-23 12:04:53 +01:00
  • 1e24d71f50
         Merge 4c607b050a into e503f97a9d #165 Claudius Heine 2021-11-04 14:13:34 +00:00
  • 4c607b050a feat: add rules to ensure that all referred users and gids exist #165 Claudius Heine 2021-11-04 14:29:05 +01:00
  • 137b573512 feat: add rule to ensure shadow group does not have any members Claudius Heine 2021-11-04 14:14:25 +01:00
  • 29211f206b feat: add rule to check users and groups are unique Claudius Heine 2021-11-04 13:55:27 +01:00
  • 18a5383bd7 feat: add control to check for legacy NIS entries in account files Claudius Heine 2021-11-04 13:45:26 +01:00
  • 49b94e6203 feat: add rule to check root user is member of group root Claudius Heine 2021-11-04 13:16:26 +01:00
  • 458a6e70ea feat: add control to check if system user are non-login Claudius Heine 2021-11-03 15:55:38 +01:00
  • b1fa8c11a9 feat: add rule to check for password change dates in the past Claudius Heine 2021-11-03 15:12:35 +01:00
  • c67d0eb914 feat: add rules to check noexec, nosuid and nodev mount options #164 Claudius Heine 2021-10-26 10:28:01 +02:00
  • be3eb4ce31
         Merge 4b67c2dc31 into e503f97a9d #162 Claudius Heine 2021-11-03 11:00:09 +01:00
  • 4b67c2dc31 feat: expand security check: add other passwd and group files #162 Claudius Heine 2021-10-25 09:22:51 +02:00
  • 5d29e31dd3 feat: expand security control to check for other shadow files Claudius Heine 2021-10-25 09:17:30 +02:00
  • 4225e46139
         Merge 5514245170 into e503f97a9d #157 Maik Stübner 2021-10-28 14:19:09 +02:00
  • 98743a920f
         Merge 92a6c851bb into e503f97a9d #158 Maik Stübner 2021-10-25 09:33:55 +02:00
  • e503f97a9d update inspec.yml and changelog dev-sec CI 2021-10-19 13:13:33 +00:00
  • 00d24baa66
         added sysctl-34 for checking link protection settings (#160) Claudius Heine 2021-10-19 15:11:46 +02:00
  • 2d435b44ca added sysctl-34 for checking link protection settings #160 Claudius Heine 2021-09-14 08:52:55 +02:00
  • 5514245170 fix typo of pam checks #157 Maik Stuebner 2021-07-26 06:37:33 +02:00
  • 92a6c851bb Fix syntax of auditd checks #158 Maik Stuebner 2021-07-23 15:00:32 +02:00
  • 8cf95c284e Add Check for auditd rules Maik Stuebner 2021-07-23 12:14:29 +02:00
  • 330b86cfb1 set default for password remember back to 5 Maik Stuebner 2021-07-22 09:36:37 +02:00
  • 109d01a478 Check Configuration of password remember and set default to 60 Maik Stuebner 2021-07-21 14:27:18 +02:00
  • 5486b908cd Cookstyle Bot Auto Corrections with Cookstyle 7.14.0 This change is automatically generated by the Cookstyle Bot using the latest version of Cookstyle (7.14.0). Adopting changes suggested by Cookstyle improves cookbook readability, avoids common coding mistakes, and eases upgrades to newer versions of the Chef Infra Client. #156 cookstyle_bot/cookstyle_7_14_0 Cookstyle 2021-06-21 13:46:24 -07:00
  • 2735730e7f update inspec.yml and changelog 2.8.0 dev-sec CI 2021-05-06 15:02:19 +00:00
  • 74262fe33a
         Merge pull request #155 from dev-sec/ipv6 schurzi 2021-05-06 16:13:35 +02:00
  • c017b3ae5b remove sysctl-18 - ipv6 no longer needs to be disabled #155 Martin Schurz 2021-05-05 23:39:44 +02:00
  • f8a5837b94 update inspec.yml and changelog dev-sec CI 2021-04-29 10:34:13 +00:00
  • d5022560cc
         Merge pull request #154 from dev-sec/remove_control_07 Sebastian Gumprich 2021-04-29 12:32:19 +02:00