tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[AUTH-9229] make test only available for root

This commit is contained in:
Michael Boelen 2020-03-23 13:19:10 +01:00
parent 4e35b91ab2
commit 17bbaa8f7a
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 41 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/tests_authentication
View File

@ -329,10 +329,12 @@
# Test : AUTH-9229
# Description : Check password hashing methods vs. recommendations in crypt(5)
# Notes : Applicable to all Unix-like OS
Register --test-no AUTH-9229 --weight L --network NO --category security --description "Check password hashing methods"
# Requires read access to /etc/shadow (if it exists)
Register --test-no AUTH-9229 --root-only YES --weight L --network NO --category security --description "Check password hashing methods"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking password hashing methods"
if [ -e ${ROOTDIR}etc/shadow ]; then SHADOW=${ROOTDIR}etc/shadow; else SHADOW=""; fi
SHADOW="";
if [ -e ${ROOTDIR}etc/shadow ]; then SHADOW="${ROOTDIR}etc/shadow"; fi
FIND=$(${CAT_BINARY} ${ROOTDIR}etc/passwd ${SHADOW} | ${AWKBINARY} -F : '{print length($2) ":" $2 }' | while read METHOD; do
case ${METHOD} in
1:\* | 1:x | 0: | *:!*)