usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-17 14:22:11 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity
925 Commits 29 Branches 61 Tags
aea1451373ea4413b2bf2db820a4e12c481587be
Commit Graph

925 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Allen Golbig
aea1451373 fix[rule]: Fixed system_settings_ssh_disable 
Fixed logic for system_settings_ssh_disable and added note.
 2022-09-29 12:56:00 -04:00
Allen Golbig
d334ce846a Merge branch 'dev_ventura_issue167' into dev_ventura 2022-09-29 09:15:11 -04:00
Bob Gendler
e4ab4945ec refactor[rules/baselines]cis updates 
Added cis_lvl2,cisv8 to additional audit rules
Updated cisv8 baseline and cis_lvl2 baseline
 2022-09-22 14:29:40 -04:00
Bob Gendler
66c0372215 refactor[rules] Updated language and check 
Updated check for ventura. Removed reference to MRT
 2022-09-22 14:04:20 -04:00
Bob Gendler
ccb6b0400c refactor[rules] Reassigned and removed rule 
Assigned cislvl1 and cislvl2 to audit_flags_fm_failed_configure
Removed audit_flags_configure
 2022-09-22 14:03:05 -04:00
Bob Gendler
16bf58f49d refactor[smartcards] Added info on ignoreARD key 
Created information in supplemental and authorization header on the
ignoreARD key for smartcards and screen sharing and screen recording.
 2022-09-20 16:20:13 -04:00
Allen Golbig
9a9441b6dd fix[script]: Fixed logic for system_settings 
Fixed logic for system_settings so it no longer creates additional sections in baseline.
 2022-09-20 09:17:53 -04:00
Bob Gendler
43e8a86b67 Merge branch 'ventura' into dev_ventura 2022-09-19 15:20:02 -04:00
Bob Gendler
12e2698746 refactor[rules] - updated tags and references 
Removed tags and references from non stig rules
 2022-09-19 15:19:02 -04:00
Bob Gendler
6ab3e1c867 refactor[rules] - updated tags and references 
Removed tags and references from non stig rules
 2022-09-19 15:16:15 -04:00
Bob Gendler
fe9abf867b Merge branch 'dev_ventura' into ventura 2022-09-19 14:14:45 -04:00
Jorge Escobar
ddc8e8d8e2 Fix issue that caused --compliant and/or --non_compliant to run when not in cli args. (#173) 2022-09-19 14:14:06 -04:00
Bob Gendler
d291e84939 Merge branch 'dev_ventura' of https://github.com/usnistgov/macos_security into dev_ventura 2022-09-19 14:05:54 -04:00
Bob Gendler
6a3d17f453 refactor[generate_scap] checks for new checks 
Added ability to check the new way for sudo -V and
for systempreferences DisabledSystemSettings
 2022-09-19 14:03:59 -04:00
Allen Golbig
38fce8b5a1 refactor[rule]: Updated Changelog and Baselines 
Updated Changelog, icloud_appleid_system_settings_disable, & baselines
 2022-09-19 13:07:12 -04:00
Bob Gendler
49cc945fcb fixed DISA STIG baseline 2022-09-19 12:07:32 -04:00
Bob Gendler
084cb3e9e5 refactor[icloud_appleid_syssetting_disable] check 
Fixed the check for icloud_appleid_syssetting_disable
 2022-09-19 12:06:12 -04:00
Bob Gendler
c85e4c1e78 refactor[baselines]: Added, removed, changed rules 
Changed system_settings_internet_accounts_prefpane_disable to the new
rule system_settings_internet_accounts_disable and
icloud_appleid_prefpane_disable to
icloud_appleid_syssetting_disable
 2022-09-19 12:02:34 -04:00
Bob Gendler
7991ef4456 [refactor] Updated sudo check 
Removed os_sudoers_tty_configure and combined the fix into
os_sudoers_timestamp_type_configure

Updated check for os_sudoers_timestamp_type_configure to use sudo -V
 2022-09-19 11:33:38 -04:00
Bob Gendler
7c3dac6d3d feat[rules]: Added 2 rules for disabling sys_set 
Added 2 rule files for the new way to disable sections within system
settings.
 2022-09-19 10:35:06 -04:00
Bob Gendler
2f0dbed168 fixed check 2022-09-19 10:34:03 -04:00
Dan Brodjieski
879275b619 fix[script]: Addresses string replacement in fix 
generate_guidance.py was not substituting | characters in the fix field
correctly when generating the XLS file
 2022-09-13 16:00:50 -04:00
Bob Gendler
b219680537 refactor[script]:Update to generate_scap for 13.0 
Added a condition for ventura launchctl disable checks

Related to Issue #167
 2022-09-13 14:51:32 -04:00
Allen Golbig
2abe82b10a refactor[rules]: Launchctl refactor for Ventura 
Ventura changes how launchctl status is reported

Issue #167
 2022-09-13 13:35:47 -04:00
Dan Brodjieski
8e59fde135 fix[rule]: Adds ODV to automatic login rule 
Updated the system_settings_automatic_logout_enforce to support ODV
values.  Added the default value to the recommended.
 2022-09-13 12:34:21 -04:00
Bob Gendler
d4f326c1eb fixes and more 2022-09-13 11:42:41 -04:00
Bob Gendler
eee2025178 grep or awk with sshd -T checks 2022-09-12 16:34:23 -04:00
Bob Gendler
191df7b679 updated result string from false to true 2022-09-12 11:01:21 -04:00
Bob Gendler
27eb70114a updated check using xmllint 2022-09-12 10:58:02 -04:00
Bob Gendler
ab3b9a57c7 updated STIG reference and baseline description 2022-09-12 09:59:45 -04:00
Dan Brodjieski
a6a8c85ae8 pulled in generate_guidance.py changes from monterey 2022-09-07 11:42:13 -04:00
Allen Golbig
902510f569 pulled in generate_baseline changes from monterey 2022-09-07 11:20:21 -04:00
Allen Golbig
4391a92e14 fixed mobilconfig field 2022-09-06 18:51:01 -04:00
Bob Gendler
136e3cce6f Merge branch 'dev_ventura' into ventura 2022-09-01 16:04:42 -04:00
Bob Gendler
9c64409f18 added manual tag 2022-09-01 16:04:27 -04:00
Bob Gendler
8a2fade0ec baselines updated 2022-08-31 14:36:50 -04:00
Bob Gendler
a76e60dae6 Merge branch 'dev_ventura' of https://github.com/usnistgov/macos_security into dev_ventura 2022-08-30 11:52:50 -04:00
Bob Gendler
3a8850044b updated check with jxa 2022-08-30 11:52:45 -04:00
Allen Golbig
32b067b582 Updated Changelog 2022-08-30 08:59:09 -04:00
Allen Golbig
88268460dd fixed paths 2022-08-29 16:36:04 -04:00
Bob Gendler
88d9b01b90 updated ssh checks 2022-08-29 16:30:27 -04:00
Bob Gendler
624b01e8c5 CCEs added 2022-08-29 16:17:11 -04:00
Bob Gendler
bb0f7e6778 removed unneeded rule 2022-08-29 14:16:44 -04:00
Bob Gendler
c47209c859 Merge branch 'dev_ventura' of https://github.com/usnistgov/macos_security into dev_ventura 2022-08-29 13:22:00 -04:00
Bob Gendler
60cd4d7174 updated with new sshd check and fix 2022-08-29 13:21:33 -04:00
Bob Gendler
e211789603 Update bug_report.md 2022-08-29 13:20:11 -04:00
Bob Gendler
af1a4f9b4d updated check and fix 2022-08-27 13:22:20 -04:00
Bob Gendler
516b58634d updated check and fix with array 2022-08-27 13:21:59 -04:00
Bob Gendler
1cf0b20df2 removed all but stig tag 2022-08-26 15:53:54 -04:00
Bob Gendler
5433ad0d39 updated check and fix using sshd -T 2022-08-26 15:53:36 -04:00