usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-16 22:12:08 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity
1,000 Commits 29 Branches 61 Tags
461aae2f2db1fea02078efa13fb7f218f366a48e
Commit Graph

547 Commits

Author SHA1 Message Date
Bob Gendler
24e4efd554 Merge branch 'dev_ventura_issue191' into ventura 2022-11-15 11:24:57 -05:00
Gendler
f55b6331c3 Updated cis benchmark 2022-11-10 10:39:02 -05:00
Gendler
efbb3a3a27 refactor[rules]: Updated 2 rules 
Fixed - os_safari_prevent_cross-site_tracking_enable
 - id
 - title
 - description
 - check
 - mobileconfig

Fixed - os_safari_advertising_privacy_protection_enable
 - Fixed spacing
 2022-11-10 10:26:58 -05:00
Allen Golbig
398dd17352 refactor[rules]: Added additional Safari Rules 
Added CIS Level 1 Safari rules which were missing
 2022-11-10 08:15:02 -05:00
Bob Gendler
346dec84c3 refactor[rules] system-system_settings_ssh_enable 
Check updated to look for enabled.
 2022-11-09 13:34:36 -05:00
Allen Golbig
07b096c8a0 fix[rules] updated cis refs 
Updated refs and fixed various things

Issue #191
 2022-11-04 08:49:19 -04:00
Allen Golbig
e52a97f2b1 fix[rules] fixed cis tags 
Fixed tags where cis_lvl2 had cis_lvl2 tags

Issue #198
 2022-11-03 11:24:01 -04:00
Bob Gendler
3fdbd2a5ac refactor[rules]: Fixed xpath 
Updated xpath to output all keys equaling DisabledPreferencePanes.

This fixes if there are multiple profiles setting the same key.

Issue #193
 2022-11-02 09:25:11 -04:00
Bob Gendler
039a8118b1 refactor[rules]: Fixed xpath 
Updated xpath to output all keys equaling DisabledPreferencePanes.

This fixes if there are multiple profiles setting the same key.

Issue #193
 2022-11-02 09:23:13 -04:00
Bob Gendler
470fbc209f refactor[rules]: Removed and edited 
* Removed system_settings_bluetooth_unpaired_disable
* Edited title and discussion for
    - os_rapid_security_response_removal_disable
    - system_settings_time_server_enforce
 2022-10-28 09:55:10 -04:00
Allen Golbig
2bfc0c63ff fix[rule] spaces are hard 
removed space in front of references

Issue#192
 2022-10-26 13:21:50 -04:00
Allen Golbig
78aca0423a fix[rule] fixed references 
Added refs removed when clearing cce

issue#192
 2022-10-26 13:18:49 -04:00
Allen Golbig
bdb9629651 fix[rule] cisv8 references 
Updated references and tags for cisv8

issue#191
 2022-10-25 20:40:19 -04:00
Bob Gendler
3515ca5f56 refactor[rules] Removed STIG references 
Removed and fixed STIG and SRG references.
 2022-10-19 21:47:16 -04:00
Bob Gendler
1a4aa58597 refactor[rules] Updated FIPS information 
Updated information on FIPS for macOS Ventura.
 2022-10-19 21:46:25 -04:00
Bob Gendler
e3853a8202 removed STIG reference 2022-10-19 21:08:03 -04:00
Bob Gendler
84405d8db9 refactor[rules] Updates to supplemental_cis_manual 
Updated CIS manual controls to match CIS Ventura benchmark
 2022-10-19 10:41:18 -04:00
Bob Gendler
3d6f7c6f1f refactor[rules] More CIS Ventura Benchmark updates 
* Updates to benchmark numbers in rules
* Removed system_settings_location_services_audit
 2022-10-19 10:21:15 -04:00
Bob Gendler
e807a191c6 refactor [rules] Updated library validation rule 
Removed CIS Benchmark numbers from library validation and removed from
baseline files
 2022-10-18 22:12:39 -04:00
Bob Gendler
64fd989a59 refactor [rules] Updated check to use xmllint 
Updated to use xmllint and read xpath instead of grep | grep
 2022-10-18 21:50:16 -04:00
Bob Gendler
86ad1f3fb2 refactor [rules] Updated check/fix 
New check and fix wrote for system_settings_system_wide_preferences_configure.
This is required for Ventura for System Settings to work properly.
 2022-10-18 21:19:55 -04:00
Dan Brodjieski
fead101e4b refactor[rules]: removed STIG referencing 
Removed references to the STIG until it is released.
 2022-10-18 18:57:37 -04:00
Bob Gendler
1e2d1d0ba1 refactor [rules] Updates to match CIS Ventura Benchmark 
Updated rule files
Updated baseline files
 2022-10-18 16:37:30 -04:00
Allen Golbig
0ab1cdcd69 refactor[rule] updated supplemental_cis_manual 
Updated supplemental_cis_manual
 2022-10-18 16:27:38 -04:00
Bob Gendler
6524c4ff54 refactor [rules] Updates to CIS Ventura Benchmark 
* Changed numbering to match CIS Ventura Benchmark numbers.
* Added system_settings_location_services_menu_enforce
 2022-10-18 16:13:12 -04:00
Bob Gendler
9aa5f221ef refactor [rules] Updated CIS Benchmark Numbers 
Updated CIS Benchmark Numbers to match 4 - Network Configurations
 2022-10-18 12:15:38 -04:00
Bob Gendler
f27a508565 refactor [rules] Updated CIS Benchmark numbering 
Updated benchmark numbers to match CIS Ventura baseline draft
 2022-10-18 12:10:21 -04:00
Allen Golbig
e15a64711e refactor[rule]: cis updates for ventura (swu) 
Updated swu rules to match updated cis numbering
 2022-10-18 12:02:57 -04:00
Bob Gendler
9e53ed64ba refactor [rules] Removed STIG tags and ODV 
Removed stig baseline file
Removed stig tag from rules
Removed stig odv from rules
Removed old way of hiding and disabling system preference panes
 2022-10-18 11:07:54 -04:00
Bob Gendler
a9096c8f91 refactor [rule] Removed reference to MRT 
Changed wording - XProtect to XProtect Remediator and removed references to MRT.
 2022-10-13 13:40:48 -04:00
Bob Gendler
7c7aefb50e minor fix with stderr to stdout 2022-10-05 17:05:55 -04:00
Bob Gendler
f8af1f24b7 fix [rules] system_wide_preferences_configure 
Fixed system_wide_preferences_configure to add shared key if not found.

Match PR #177
 2022-10-05 13:41:06 -04:00
Allen Golbig
bbd924a9b4 refactor[rule]: system_settings_ssh_disable 
Added >/dev/null to fix in case already disabled.
 2022-09-29 17:58:15 -04:00
Allen Golbig
aea1451373 fix[rule]: Fixed system_settings_ssh_disable 
Fixed logic for system_settings_ssh_disable and added note.
 2022-09-29 12:56:00 -04:00
Allen Golbig
d334ce846a Merge branch 'dev_ventura_issue167' into dev_ventura 2022-09-29 09:15:11 -04:00
Bob Gendler
e4ab4945ec refactor[rules/baselines]cis updates 
Added cis_lvl2,cisv8 to additional audit rules
Updated cisv8 baseline and cis_lvl2 baseline
 2022-09-22 14:29:40 -04:00
Bob Gendler
66c0372215 refactor[rules] Updated language and check 
Updated check for ventura. Removed reference to MRT
 2022-09-22 14:04:20 -04:00
Bob Gendler
ccb6b0400c refactor[rules] Reassigned and removed rule 
Assigned cislvl1 and cislvl2 to audit_flags_fm_failed_configure
Removed audit_flags_configure
 2022-09-22 14:03:05 -04:00
Bob Gendler
16bf58f49d refactor[smartcards] Added info on ignoreARD key 
Created information in supplemental and authorization header on the
ignoreARD key for smartcards and screen sharing and screen recording.
 2022-09-20 16:20:13 -04:00
Bob Gendler
12e2698746 refactor[rules] - updated tags and references 
Removed tags and references from non stig rules
 2022-09-19 15:19:02 -04:00
Bob Gendler
6ab3e1c867 refactor[rules] - updated tags and references 
Removed tags and references from non stig rules
 2022-09-19 15:16:15 -04:00
Allen Golbig
38fce8b5a1 refactor[rule]: Updated Changelog and Baselines 
Updated Changelog, icloud_appleid_system_settings_disable, & baselines
 2022-09-19 13:07:12 -04:00
Bob Gendler
084cb3e9e5 refactor[icloud_appleid_syssetting_disable] check 
Fixed the check for icloud_appleid_syssetting_disable
 2022-09-19 12:06:12 -04:00
Bob Gendler
7991ef4456 [refactor] Updated sudo check 
Removed os_sudoers_tty_configure and combined the fix into
os_sudoers_timestamp_type_configure

Updated check for os_sudoers_timestamp_type_configure to use sudo -V
 2022-09-19 11:33:38 -04:00
Bob Gendler
7c3dac6d3d feat[rules]: Added 2 rules for disabling sys_set 
Added 2 rule files for the new way to disable sections within system
settings.
 2022-09-19 10:35:06 -04:00
Bob Gendler
2f0dbed168 fixed check 2022-09-19 10:34:03 -04:00
Allen Golbig
2abe82b10a refactor[rules]: Launchctl refactor for Ventura 
Ventura changes how launchctl status is reported

Issue #167
 2022-09-13 13:35:47 -04:00
Dan Brodjieski
8e59fde135 fix[rule]: Adds ODV to automatic login rule 
Updated the system_settings_automatic_logout_enforce to support ODV
values.  Added the default value to the recommended.
 2022-09-13 12:34:21 -04:00
Bob Gendler
191df7b679 updated result string from false to true 2022-09-12 11:01:21 -04:00
Bob Gendler
27eb70114a updated check using xmllint 2022-09-12 10:58:02 -04:00