Added INSE-8314 and INSE-8316 for NIS client and server

2019-07-14 13:13:02 +02:00 · 2019-07-14 13:13:02 +02:00 · 93e311e52e
parent 819f310750
commit 93e311e52e
1 changed files with 51 additions and 0 deletions
--- a/include/tests_insecure_services
+++ b/include/tests_insecure_services
@ -392,6 +392,57 @@
            Display --indent 2 --text "- Installed telnet server package" --result "${STATUS_NOT_FOUND}" --color GREEN
        fi
    fi
+
+#
+#################################################################################
+#
+    # Test        : INSE-8314
+    # Description : Check if NIS client is installed
+    Register --test-no INSE-8314 --weight L --network NO --category security --description "Check if NIS client is installed"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        FOUND=""
+        LogText "Test: Checking if NIS client is installed"
+        PACKAGES="nis ypbind"
+        for PACKAGE in ${PACKAGES}; do
+            PackageIsInstalled "${PACKAGE}"
+            if [ $? -eq 0 ]; then
+                FOUND="${PACKAGE}"
+            fi
+        done
+        if [ ${FOUND} ]; then
+            LogText "Result: NIS client is installed"
+            Display --indent 2 --text "- Checking NIS client installation" --result "${STATUS_SUGGESTION}" --color YELLOW
+            ReportSuggestion ${TEST_NO} "NIS client should be removed as it contains numerous security exposures and have been replaced with the more secure SSH package"
+        else
+            LogText "Result: NIS client is NOT installed"
+            Display --indent 2 --text "- Checking NIS client installation" --result "${STATUS_OK}" --color GREEN
+        fi
+    fi
+#
+#################################################################################
+#
+    # Test        : INSE-8316
+    # Description : Check if NIS server is installed
+    Register --test-no INSE-8316 --weight L --network NO --category security --description "Check if NIS server is installed"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        FOUND=""
+        LogText "Test: Checking if NIS server is installed"
+        PACKAGES="nis ypserv"
+        for PACKAGE in ${PACKAGES}; do
+            PackageIsInstalled "${PACKAGE}"
+            if [ $? -eq 0 ]; then
+                FOUND="${PACKAGE}"
+            fi
+        done
+        if [ ${FOUND} ]; then
+            LogText "Result: NIS server is installed"
+            Display --indent 2 --text "- Checking NIS server installation" --result "${STATUS_SUGGESTION}" --color YELLOW
+            ReportSuggestion ${TEST_NO} "Removing the ${FOUND} package decreases the risk of the accidental (or intentional) activation of NIS or NIS+ services"
+        else
+            LogText "Result: NIS server is NOT installed"
+            Display --indent 2 --text "- Checking NIS server installation" --result "${STATUS_OK}" --color GREEN
+        fi
+    fi
 #
 #################################################################################
 #