tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,244 Commits 2 Branches 62 Tags 17 MiB
Commit Graph

1244 Commits

Author SHA1 Message Date
Michael Boelen 38e6ff18d4 Merge and initial changes for new tests FILE-6344 and FILE-6430 2016-07-11 19:57:45 +02:00
Lukas Pirl 9a5647f66c added test FILE-6337: check if /proc mounted with hidepid=(1|2) (#225) 
to hide users' sensitive files in /proc from other users
  (see `man proc` for details)
 2016-07-11 16:48:25 +02:00
Michael Boelen 62e6af17de Updated log 2016-07-11 11:28:07 +02:00
Michael Boelen 19807ff573 Updated timestamp 2016-07-11 11:27:59 +02:00
Lukas Pirl f19f5927a5 added test for AllowAgentForwarding being turned off (#222) 
for reasons, see links below:
  https://wiki.mozilla.org/Security/Guidelines/OpenSSH#SSH_agent_forwarding
  https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
 2016-07-11 11:25:51 +02:00
Michael Boelen 576e11b995 [BOOT-5122] Extended password check 2016-07-11 11:24:52 +02:00
Michael Boelen 09a9b80fde Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 11:21:08 +02:00
ratrop cd2429688b Update tests_boot_services (#201) 
Added detection of password for Grub2 in Ubuntu 14.04 LTS. Previous version doesn't detect it.
 2016-07-11 11:20:05 +02:00
Michael Boelen 648d043b0a [FILE-6430] initial import and changes 2016-07-11 11:18:53 +02:00
Michael Boelen d1c8cd3d05 Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 10:32:30 +02:00
Michael Boelen 1fc6ac4ea8 Update log 2016-07-11 10:32:23 +02:00
Michael Boelen a8d8d40f88 Set log date to similar format as normal log entries 2016-07-11 10:32:14 +02:00
Michael Boelen 52317de56c Set date of break lines to similar format as normal log entries 2016-07-11 10:32:00 +02:00
Yann ILAS a62a09d9e4 Remove the support of some filesystems (#205) 
For now keeping the test as-is and merge.
 2016-07-11 10:24:38 +02:00
Lukas Pirl 77634d578c expect value of sysctl:kernel.kptr_restrict to be 2 (#224) 
from https://lwn.net/Articles/420403/:
  """
  The %pK format specifier is designed to hide exposed kernel
  pointers, specifically via /proc interfaces.  Exposing these
  pointers provides an easy target for kernel write vulnerabilities,
  since they reveal the locations of writable structures containing
  easily triggerable function pointers.  The behavior of %pK depends
  on the kptr_restrict sysctl. […] If kptr_restrict is set to 2,
  kernel pointers using %pK are printed as 0's regardless of
  privileges.
  """
 2016-07-11 10:11:18 +02:00
Michael Boelen 74c9513fbb [HTTP-6632] fix for proper detection of Apache modules 2016-07-11 09:49:24 +02:00
Michael Boelen e22322920f More reorganizing as options will be deprecated 2016-07-05 19:57:43 +02:00
Michael Boelen 13c228fd2d Add --configured-only option to lynis show settings 2016-07-05 19:57:11 +02:00
Michael Boelen 1655b5728b Disable color status and clear blue color 2016-07-05 19:56:38 +02:00
Michael Boelen 467c30b16b Start of migration of deprecated profile options 2016-07-05 19:56:13 +02:00
Michael Boelen b44acc16e0 Disable upload compression for now 2016-07-05 19:55:45 +02:00
Michael Boelen 474455d18b Define colors 2016-07-05 19:55:31 +02:00
Michael Boelen 871be32be2 Updated log 2016-07-05 18:19:40 +02:00
Michael Boelen 77a0226f1b Updated log 2016-07-05 18:19:08 +02:00
Michael Boelen f8bee58ade Implement tooltips 2016-07-05 18:18:54 +02:00
Michael Boelen 2b2051dca7 Changed incorrect variable for skipped tests 2016-07-05 18:18:22 +02:00
Michael Boelen bac442c6fe Migrate to new options, including skip-plugins 2016-07-05 17:26:27 +02:00
Michael Boelen 75786a1c80 Added DisplayToolTip 2016-07-05 17:25:19 +02:00
Michael Boelen cb73cbb968 Migration of several settings to new format 2016-07-05 16:49:50 +02:00
Michael Boelen 0c5387f1fe Migration to new profile names and store the related settings 2016-07-05 16:49:36 +02:00
Michael Boelen bdf9a5cf04 Add lynis show settings with --brief and --nocolors options 2016-07-05 16:49:10 +02:00
Michael Boelen 3b1102c817 Move profile parsing to its own function 2016-07-05 16:48:32 +02:00
Michael Boelen 5778d4fa0d Add fuctions: AddSetting, DiscoverProfiles, ParseProfiles 2016-07-05 16:47:32 +02:00
Michael Boelen 8b8a1a9b66 [CRYP-7902] Use SSL paths as configured by profile 2016-07-05 16:46:50 +02:00
Michael Boelen 998af3d7de Add variable for settings and SSL paths 2016-07-05 16:45:27 +02:00
Michael Boelen 673510ec6e Update log 2016-07-05 12:20:22 +02:00
Michael Boelen 6c24c198ee [PRNT-2306] Check if files are readable before parsing them 2016-07-05 12:19:43 +02:00
Michael Boelen fbd24b585a Rename Maid to CleanUp 2016-07-05 12:16:49 +02:00
Michael Boelen b5b8861368 Improve ID detection for Solaris 2016-07-05 12:11:38 +02:00
Michael Boelen 72ca2b926d [AUTH-9254] Only let root use this test, due to permissions 2016-07-05 12:10:32 +02:00
Michael Boelen c181a5745f [AUTH-9288] Only check for accounts which have a maximum password age set 2016-07-05 10:51:59 +02:00
Michael Boelen d9b609ed98 Do not provide a tip about uploading data when user is already doing that 2016-07-05 10:40:07 +02:00
Michael Boelen 63a6aba312 Update log 2016-06-30 11:35:29 +02:00
Michael Boelen 922620839d Update date and timestamp 2016-06-30 11:35:18 +02:00
Michael Boelen a1ebc18a76 Don't override variables of ReportDetails functions on every parameter 2016-06-30 11:34:27 +02:00
Michael Boelen 114d95c475 [AUTH-9234] Test for minimal UID number via /etc/login.defs 2016-06-30 11:30:58 +02:00
Michael Boelen f25bc250a2 Added translator 2016-06-21 08:08:12 +02:00
Michael Boelen 3ef81ed20d Textual change related to languages 2016-06-21 08:08:00 +02:00
Michael Boelen dddcf35fa3 Enable French translations 2016-06-21 08:07:41 +02:00
doc 0733ae856a first french translations (#216) 2016-06-21 07:52:18 +02:00