From 13d631781c9623bbdffa03a35dcbe9e94af008a9 Mon Sep 17 00:00:00 2001
From: gkrystev <gkrystev@gmail.com>
Date: Tue, 24 Jul 2018 20:08:08 +0300
Subject: [PATCH] Fix for umask check in case of multiple files (#560)

In case when umask is checked in multiple files and in some of the files except the last one a weak umask is found, the tool reports weak mask for the rest of the files. In the example bellow, the weak umask is only in /etc/csh.cshrc. However, the check /etc/profile is reported weak as well.

Expected:

Checking default umask values
Checking default umask in /etc/bashrc [ OK ]
Checking default umask in /etc/csh.cshrc [ WEAK ]
Checking default umask in /etc/profile [ OK ]
Actual:

Checking default umask values
Checking default umask in /etc/bashrc [ OK ]
Chhhhecking default umask in /etc/csh.cshrc [ WEAK ]
Chhhhecking default umask in /etc/profile [ WEAK ]
---
 include/tests_shells | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/tests_shells b/include/tests_shells
index 7b689a14..155483f0 100644
--- a/include/tests_shells
+++ b/include/tests_shells
@@ -235,9 +235,9 @@
     Register --test-no SHLL-6230 --weight H --network NO --category security --description "Perform umask check for shell configurations"
     if [ ${SKIPTEST} -eq 0 ]; then
         FOUND=0
-        HARDENING_POSSIBLE=0
         Display --indent 2 --text "- Checking default umask values"
         for FILE in ${SHELL_CONFIG_FILES}; do
+            HARDENING_POSSIBLE=0
             FIND=""
             if [ -f ${FILE} ]; then
                 LogText "Result: file ${FILE} exists"