elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-06-22 02:33:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: Filter the filesystem to check when the list is built. (#156)

Browse Source 
* feat: Attempt to filter-out filesystem that match exclusion regex.
This commit is contained in:
ymartin-ovh
2022-06-24 17:45:47 +02:00
committed by GitHub
parent 7a3145d7f1
commit 66ccc6316a
9 changed files with 49 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/hardening/6.1.10_find_world_writable_file.sh
View File

@ -5,7 +5,9 @@ test_audit() {
# shellcheck disable=2154
/opt/debian-cis/bin/hardening/"${script}".sh || true
# shellcheck disable=2016
echo 'EXCLUDED="$EXCLUDED ^/dev/.*"' >>/opt/debian-cis/etc/conf.d/"${script}".cfg
echo 'EXCLUDED="$EXCLUDED ^/home/secaudit/thisfileisignored.*|^/dev/.*"' >>/opt/debian-cis/etc/conf.d/"${script}".cfg
touch /home/secaudit/thisfileisignored
chmod 777 /home/secaudit/thisfileisignored
describe Running on blank host
register_test retvalshouldbe 0