74 lines
1.6 KiB
YAML
74 lines
1.6 KiB
YAML
---
|
|
|
|
{{ if .Vars.ubtu24cis_level_1 }}
|
|
{{ if .Vars.ubtu24cis_rule_7_2_10 }}
|
|
command:
|
|
bad_dot_files:
|
|
title: 7.2.10 | Ensure local interactive user dot files access is configured | bad dot files
|
|
exec: 'find /home/ -name "\.forward" -o -name "\.netrc" -o -name "\.rhosts"'
|
|
exit-status: 0
|
|
stdout:
|
|
- '!/./'
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 7.2.10
|
|
CISv8: 3.3
|
|
CISv8_IG1: True
|
|
CISv8_IG2: True
|
|
CISv8_IG3: True
|
|
NIST800-53R5:
|
|
- CM-1
|
|
- CM-2
|
|
- CM-6
|
|
- CM-7
|
|
- IA-5
|
|
dot_file_perms:
|
|
title: 7.2.10 | Ensure local interactive user dot files access is configured | dot files permissions
|
|
exec: 'find /home/ -name "\.*" -perm /g+w,o+w | grep -v .bash_history'
|
|
exit-status:
|
|
or:
|
|
- 0
|
|
- 1
|
|
stdout:
|
|
- '!/./'
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 7.2.10
|
|
CISv8: 3.3
|
|
CISv8_IG1: True
|
|
CISv8_IG2: True
|
|
CISv8_IG3: True
|
|
NIST800-53R5:
|
|
- CM-1
|
|
- CM-2
|
|
- CM-6
|
|
- CM-7
|
|
- IA-5
|
|
dot_file_bash_history:
|
|
title: 7.2.10 | Ensure local interactive user dot files access is configured | bash_history files permissions
|
|
exec: 'find /home/ -name "\.bash_history" -perm /go+rwx'
|
|
exit-status: 0
|
|
stdout:
|
|
- '!/./'
|
|
meta:
|
|
server: 1
|
|
workstation: 1
|
|
CIS_ID:
|
|
- 7.2.10
|
|
CISv8: 3.3
|
|
CISv8_IG1: True
|
|
CISv8_IG2: True
|
|
CISv8_IG3: True
|
|
NIST800-53R5:
|
|
- CM-1
|
|
- CM-2
|
|
- CM-6
|
|
- CM-7
|
|
- IA-5
|
|
{{ end }}
|
|
{{ end }}
|