tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

STRG-1840: disabled suggestion as this is considered high secure item

This commit is contained in:
mboelen 2016-03-08 09:50:28 +01:00
parent 62f31a8b82
commit ebdd946570
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
include/tests_storage
View File

@ -61,7 +61,6 @@
AddHP 3 3 AddHP 3 3
fi fi
LogText "Test: Checking USB devices authorization to connect to the system" LogText "Test: Checking USB devices authorization to connect to the system"
FOUND=0 FOUND=0
USBDEVICESPATH="/sys/bus/usb/devices/usb" USBDEVICESPATH="/sys/bus/usb/devices/usb"
@ -70,24 +69,26 @@
if [ `cat "${device}/authorized_default"` -eq 1 ]; then if [ `cat "${device}/authorized_default"` -eq 1 ]; then
FOUND=1 FOUND=1
LogText "Test: ${device} is authorized by default" LogText "Test: ${device} is authorized by default"
report "usb_authorized_default_device[]=${device}"
elif [ `cat "${device}/authorized"` -eq 1 ]; then elif [ `cat "${device}/authorized"` -eq 1 ]; then
FOUND=1 FOUND=1
LogText "Test: ${device} is authorized for now" LogText "Test: ${device} is authorized currently"
report "usb_authorized_device[]=${device}"
fi fi
fi fi
done done
if [ ${FOUND} -eq 1 ]; then if [ ${FOUND} -eq 1 ]; then
LogText "Result: Some USB devices are authorized by default or temporary to connect to the system" LogText "Result: Some USB devices are authorized by default (or temporary) to connect to the system"
Display --indent 2 --text "- Checking USB devices authorization" --result "ENABLED" --color RED Display --indent 2 --text "- Checking USB devices authorization" --result "ENABLED" --color RED
ReportSuggestion ${TEST_NO} "Disable USB devices authorization, to prevent unauthorized storage or data theft" # To-Be-Added: create documentation and enable the suggestion
#ReportSuggestion ${TEST_NO} "Disable USB devices authorization, to prevent unauthorized storage or data theft"
AddHP 0 3 AddHP 0 3
else else
LogText "Result: None USB devices are authorized by default or temporary to connect to the system" LogText "Result: None USB devices are authorized by default (or temporary) to connect to the system"
Display --indent 2 --text "- Checking USB devices authorization" --result "DISABLED" --color GREEN Display --indent 2 --text "- Checking USB devices authorization" --result "DISABLED" --color GREEN
AddHP 3 3 AddHP 3 3
fi fi
fi fi
# #
################################################################################# #################################################################################