From f4e0aafacc27cbff43a802ec082d783ee012bbd4 Mon Sep 17 00:00:00 2001 From: Thibault Ayanides Date: Mon, 30 Nov 2020 14:27:20 +0100 Subject: [PATCH] IMP(5.2.3): fix possible permissions for 5.2.3 --- ....2.3_ssh_host_public_keys_perm_ownership.sh | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh index 7a9f6c2..c1b2b61 100755 --- a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh +++ b/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh @@ -32,8 +32,13 @@ audit () { if [ $FNRET = 0 ]; then ok "$FILE permissions were set to $PERMISSIONS" else - ERRORS=$((ERRORS+1)) - crit "$FILE permissions were not set to $PERMISSIONS" + has_file_correct_permissions $FILE 600 + if [ $FNRET = 0 ]; then + ok "$FILE permissions were set to $PERMISSIONS" + else + ERRORS=$((ERRORS+1)) + crit "$FILE permissions were not set to $PERMISSIONS" + fi fi fi @@ -73,8 +78,13 @@ apply () { if [ $FNRET = 0 ]; then ok "$FILE permissions were set to $PERMISSIONS" else - warn "fixing $DIR SSH public keys permissions to $USER:$GROUP" - chmod 0$PERMISSIONS $FILE + has_file_correct_permissions $FILE 600 + if [ $FNRET = 0 ]; then + ok "$FILE permissions were set to $PERMISSIONS" + else + warn "fixing $DIR SSH public keys permissions to $USER:$GROUP" + chmod 0$PERMISSIONS $FILE + fi fi fi done