Check also /var and assign hardening points

2015-04-07 17:19:25 +02:00 · 2015-04-07 17:19:25 +02:00 · e21e8679e0
parent 7785c5a610
commit e21e8679e0
1 changed files with 6 additions and 9 deletions
--- a/include/tests_filesystems
+++ b/include/tests_filesystems
@ -29,13 +29,12 @@
 #################################################################################
 #
    # Test        : FILE-6310
-    # Description : Checking if /tmp and /home are separated from /
-    # Goal        : Users should not be able to fill their home directory or
-    #               temporary directory and creating a Denial of Service
-    Register --test-no FILE-6310 --weight L --network NO --description "Checking /tmp and /home directory"
+    # Description : Checking if some mount points are separated from /
+    # Goal        : Users should not be able to fill their home directory or temporary directory and creating a Denial of Service
+    Register --test-no FILE-6310 --weight L --network NO --description "Checking /tmp, /home and /var directory"
    if [ ${SKIPTEST} -eq 0 ]; then
        Display --indent 2 --text "- Checking mount points"
-        SEPARATED_FILESYTEMS="/home /tmp"
+        SEPARATED_FILESYTEMS="/home /tmp /var"
        for I in ${SEPARATED_FILESYTEMS}; do
            logtext "Test: Checking if ${I} is mounted separately or mounted on / file system"
            if [ -L ${I} ]; then
@ -47,10 +46,12 @@
                if [ ! "${FIND}" = "" ]; then
                    logtext "Result: found ${I} as a separated mount point"
                    Display --indent 4 --text "- Checking ${I} mount point" --result OK --color GREEN
+                    AddHP 10 10
                  else
                    logtext "Result: ${I} not found in mount list. Directory most likely stored on / file system"
                    Display --indent 4 --text "- Checking ${I} mount point" --result SUGGESTION --color YELLOW
                    ReportSuggestion ${TEST_NO} "To decrease the impact of a full ${I} file system, place ${I} on a separated partition"
+                    AddHP 9 10
                fi
              else
                logtext "Result: directory ${I} does not exist"
@ -59,10 +60,6 @@
    fi
 #
 #################################################################################
-#
-    # YYY Checking Physical Volumes
-#
-#################################################################################
 #
    # Test        : FILE-6311
    # Description : Checking LVM Volume Groups