From 79632bfbe5512d24e8a6c732471c7bfe78029f68 Mon Sep 17 00:00:00 2001 From: Florian Sonnenschein Date: Tue, 14 May 2024 16:02:51 +0200 Subject: [PATCH] - Deleted "filevault_status" variable - Now checks if "fdesetup" exists - Add some hardening points (AddHP): 3 of 3 when enabled, 0 of 3, when not. --- include/tests_crypto | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/include/tests_crypto b/include/tests_crypto index b7279163..7b77b707 100644 --- a/include/tests_crypto +++ b/include/tests_crypto @@ -222,19 +222,25 @@ # Description : Determine if system has enabled macOS FileVault encryption Register --test-no CRYP-7932 --os macOS --weight L --network NO --category crypto --description "Determine if system has enabled macOS FileVault encryption" if [ ${SKIPTEST} -eq 0 ]; then - filevault_status=$(fdesetup status) - - case "$filevault_status" in - *"FileVault is On."*) - LogText "Result: FileVault is enabled." - Display --indent 2 --text "- FileVault is enabled." --result "${STATUS_OK}" --color GREEN - Report "encryption[]=filevault" - ;; - *) - LogText "Result: FileVault is not enabled." - Display --indent 2 --text "- FileVault is not enabled." --result "${STATUS_WARNING}" --color RED - ;; - esac + if command -v fdesetup &> /dev/null; then + case $(fdesetup status) in + *"FileVault is On."*) + LogText "Result: FileVault is enabled." + Display --indent 2 --text "- FileVault is enabled." --result "${STATUS_OK}" --color GREEN + Report "encryption[]=filevault" + AddHP 3 3 + ;; + *) + LogText "Result: FileVault is not enabled." + Display --indent 2 --text "- FileVault is not enabled." --result "${STATUS_WARNING}" --color RED + AddHP 0 3 + ;; + esac + else + LogText "Result: fdesetup command not found. Unable to determine FileVault status." + Display --indent 2 --text "- Unable to determine FileVault status (fdesetup command not found)." --result "${STATUS_WARNING}" --color YELLOW + AddHP 0 3 + fi fi # #################################################################################