michael

michael closed issue dutchcoders/transfer.sh#226

2026-01-19 18:29:30 +00:00

Add ACL options for s3 upload

michael commented on issue usnistgov/macos_security#173

2026-01-19 18:29:30 +00:00

Ventura firewall mobileconfig fails to install

@robertgendler commented on GitHub:

We missed the stig controls on system_settings_firewall_enable

But I think it would make sense for us to add the enable firewall stuff to stealth mode as…

michael commented on issue usnistgov/macos_security#173

2026-01-19 18:29:30 +00:00

Ventura firewall mobileconfig fails to install

@robertgendler commented on GitHub:

This was merged into main. closing the issue.

michael commented on issue usnistgov/macos_security#173

2026-01-19 18:29:30 +00:00

Ventura firewall mobileconfig fails to install

@bernstei commented on GitHub:

I have confirmed that adding EnableFirewall true does allow the mobileconfig to install, BTW.

michael commented on issue usnistgov/macos_security#173

2026-01-19 18:29:30 +00:00

Ventura firewall mobileconfig fails to install

@robertgendler commented on GitHub:

Good find. I guess we have to add the key to enable the firewall to this control.

Did we miss labeling the enable firewall with a stig label maybe?

michael opened issue dutchcoders/transfer.sh#227

2026-01-19 18:29:30 +00:00

Could not save metadata

michael commented on issue usnistgov/macos_security#173

2026-01-19 18:29:30 +00:00

Ventura firewall mobileconfig fails to install

@robertgendler commented on GitHub:

This is in dev_ventura_stig

michael opened issue dutchcoders/transfer.sh#228

2026-01-19 18:29:30 +00:00

Open link, after a file is uploaded

michael commented on issue usnistgov/macos_security#172

2026-01-19 18:29:30 +00:00

os_policy_banner_ssh_configure fails on Ventura even after remediation

@robertgendler commented on GitHub:

Well then the ODV would need to be changed if additional text is added.

I'll create a branch and switch it to the test.

michael commented on issue usnistgov/macos_security#174

2026-01-19 18:29:30 +00:00

compliance script should be able to say which rules fail

@robertgendler commented on GitHub:

The compliance script actually writes to unified logging as well as the /Library/Logs/$baseline_baseline.log

The /Library/Logs is JUST the last run of the…

michael commented on issue usnistgov/macos_security#172

2026-01-19 18:29:30 +00:00

os_policy_banner_ssh_configure fails on Ventura even after remediation

@bernstei commented on GitHub:

I like the test based one as well, although both it and the diff based one will fail if there's additional text in the banner, which I'm not sure is desirable.

michael opened issue dutchcoders/transfer.sh#226

2026-01-19 18:29:30 +00:00

Add ACL options for s3 upload

michael commented on issue usnistgov/macos_security#172

2026-01-19 18:29:30 +00:00

os_policy_banner_ssh_configure fails on Ventura even after remediation

@bernstei commented on GitHub:

Looks plausible to me (although I can believe there could be issues with newlines, etc). Do you want to make a branch, or should I just patch my script and test it…

michael commented on issue dutchcoders/transfer.sh#218

2026-01-19 18:29:29 +00:00

Max-Days not working

@Carton32 commented on GitHub:

What's strange is that my ec2 instance is fresh and I'm made it just to try AWS and transfer.sh. I did not install anything else than transfer.sh. So I wonder what…

michael commented on issue dutchcoders/transfer.sh#218

2026-01-19 18:29:29 +00:00

Max-Days not working

@paolafrancesca commented on GitHub:

@Carton32 can you paste full metadata content? currently MaxDownloads has precedence on MaxDays if set

michael commented on issue dutchcoders/transfer.sh#219

2026-01-19 18:29:29 +00:00

transfer.sh does not support cross origin request

@opoto commented on GitHub:

Sorry for the confusion. But the contact link on https://transfer.sh leads to this GitHub project! Hopefully they will deploy this patch some day! Thanks.

michael commented on issue dutchcoders/transfer.sh#217

2026-01-19 18:29:29 +00:00

Uploading images results in 404

@paolafrancesca commented on GitHub:

@Gaz492 if still an issue please feel free to open a new ticket

michael commented on issue dutchcoders/transfer.sh#219

2026-01-19 18:29:29 +00:00

transfer.sh does not support cross origin request

@paolafrancesca commented on GitHub:

@opoto then my update won't be of any use: This project repository has no relation with the service at https://transfer.sh that's managed by https://storj.io.…

michael commented on issue usnistgov/macos_security#167

2026-01-19 18:29:29 +00:00

Application Layer Firewall new check required

@robertgendler commented on GitHub:

This was merged into main. closing the issue.

michael commented on issue dutchcoders/transfer.sh#219

2026-01-19 18:29:29 +00:00

transfer.sh does not support cross origin request

@paolafrancesca commented on GitHub:

@opoto can you check #297 branch?

unluckiley cors middleware for gorilla mux doesn't block at all invalid CORS requests so everything is left to client…