@paolafrancesca commented on GitHub:
@HamedSepehr for the records: https://github.com/dutchcoders/transfer.sh/issues/490#issuecomment-1147456719 when proxying the transfer.sh service you have…
@robertgendler commented on GitHub:
Good find!
bannerText="$ODV"
if /usr/bin/diff -q /etc/banner <(echo "$bannerText"); then
echo "1"
else
echo "0"
fi
Maybe…
@robertgendler commented on GitHub:
Well then the ODV would need to be changed if additional text is added.
I'll create a branch and switch it to the test.
@robertgendler commented on GitHub:
Well I found another way also `test "$(cat /etc/banner)" = "$bannerText" && echo "1"
@robertgendler commented on GitHub:
The compliance script actually writes to unified logging as well as the /Library/Logs/$baseline_baseline.log
The /Library/Logs is JUST the last run of the…
@bernstei commented on GitHub:
I like the test based one as well, although both it and the diff based one will fail if there's additional text in the banner, which I'm not sure is desirable.
@bernstei commented on GitHub:
Looks plausible to me (although I can believe there could be issues with newlines, etc). Do you want to make a branch, or should I just patch my script and test it…
@robertgendler commented on GitHub:
We missed the stig controls on system_settings_firewall_enable
But I think it would make sense for us to add the enable firewall stuff to stealth mode as…
@robertgendler commented on GitHub:
This was merged into main. closing the issue.
@bernstei commented on GitHub:
I have confirmed that adding EnableFirewall true does allow the mobileconfig to install, BTW.
@robertgendler commented on GitHub:
Good find. I guess we have to add the key to enable the firewall to this control.
Did we miss labeling the enable firewall with a stig label maybe?
@robertgendler commented on GitHub:
This is in dev_ventura_stig
@georgalis commented on GitHub:
You could test a grep for the banner string, but that would pass if, for example, the standard banner was followed by a clear screen char, or other ways the banner…
@bernstei commented on GitHub:
I was more thinking of someone went in and edited to add another line after the DoD standard banner. I guess the remediation script would overwrite that, so it's…