usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-28 15:42:25 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity
1,080 Commits 27 Branches 61 Tags
fdcc5b5bb9eca8cae669fa166fd896845d5dd850
Commit Graph

266 Commits

Author SHA1 Message Date
Bob Gendler
fdcc5b5bb9 output redirection fix 2023-05-26 12:20:18 -04:00
Bob Gendler
5e1485e109 added missing double quote 2023-05-26 12:14:17 -04:00
Bob Gendler
ac1be946c0 Fixed &2> with 2&> 2023-05-25 13:31:53 -04:00
Bob Gendler
8ec13ebf92 feat[scripts]ssh-keygen added to compliance script 
Issue #245
Check if sshd -T succeeds, if not, create required keys. Delete keys
after compliance check is complete
 2023-05-04 13:39:10 -04:00
Bob Gendler
3dc00ce855 Merge branch 'dev_ventura_issue236' into ventura 2023-04-18 11:17:35 -04:00
Bob Gendler
e0971d2c42 Merge branch 'dev_ventura_issue244' into ventura 2023-04-18 10:52:18 -04:00
Erik Winter
83f1c21b68 use absolute path when referencing scutil and awk in compliance script (#239) 2023-04-05 10:22:57 -04:00
Bob Gendler
2f90a2402a [feat] Remove uchg flag from audit_control 
This is to resolve issue #236

Added /usr/bin/chflags nouchg to audit_control
 2023-04-05 10:19:57 -04:00
Bob Gendler
82ff896adb [fix] generate_scap fix from change in sshd check 
Fix added to generate_scap.py due to change in
auth_ssh_password_authentication_disable check using sshd -T.

Now works if using double or single quote around when you're searching for
 2023-04-03 11:39:57 -04:00
Allen Golbig
3a3b8b7d98 Merge branch 'dev_ventura_issue210' into ventura 2023-01-25 14:14:42 -05:00
Allen Golbig
b58e9edbcf fix[script] added timestamp to remediations 
Added timestamp to compliance script when remediating
 2023-01-03 10:20:34 -05:00
Dan Brodjieski
9c62d64141 fix[script]: generate_baseline error with tags 
Corrected issue when running generate_baseline.py with
a keyword/tag that wasn't included in mscp_data

generate_baseline.py crash with custom baselines #210
 2022-12-19 13:17:52 -05:00
Allen Golbig
ccb2cc398b feat[script] added check/fix/check logic 
Added check/fix/check logic to compliance script
 2022-12-13 12:59:53 -05:00
Allen Golbig
5bf1f70f45 feat[script] Additional Authors 
Sync changes from monterey to support additional authors

Issue #105
 2022-12-01 19:24:34 -05:00
Bob Gendler
f9e2ae76f8 Merge branch 'dev_ventura_references' into ventura 2022-11-29 09:58:23 -05:00
Dan Brodjieski
a9982fcd27 fix[script]: added support for CIS refs 
You can now pass cis, cis_lvl1, cis_lvl2, cisv8
to generate_guidance.py to allow for those
references to be included in the logs.
Also, replaced all instances of /bin/echo
 2022-11-23 08:51:36 -05:00
Bob Gendler
2d89b7af80 [feat] Debug Mode Added 
Debug added to the generated compliance script. Hold down option to
invoke debug while running the script from the command line.

Issue #202
 2022-11-17 11:50:35 -05:00
Bob Gendler
59e0890c95 Added incremental of x 2022-10-20 10:37:20 -04:00
Bob Gendler
8b3bdac7c2 fix [generate_scap] Updated authdb check 
Added oval generation for new authdb check for Ventura
 2022-10-19 14:08:27 -04:00
Bob Gendler
e1573b3dde Fixed logic for system_settings again 2022-10-18 11:12:34 -04:00
Bob Gendler
ab611d16c6 fix[scripts] fix odv in profile creation 
Fixes an issue with parent_value and odv and config profile creation

Issue #174
 2022-10-03 13:35:10 -04:00
Bob Gendler
b83e46ba72 fix[script] generate_baseline -t crash 
Fixes an issue when custom/rules does not exist.

Issue #172
 2022-10-03 13:28:53 -04:00
Allen Golbig
d334ce846a Merge branch 'dev_ventura_issue167' into dev_ventura 2022-09-29 09:15:11 -04:00
Allen Golbig
9a9441b6dd fix[script]: Fixed logic for system_settings 
Fixed logic for system_settings so it no longer creates additional sections in baseline.
 2022-09-20 09:17:53 -04:00
Jorge Escobar
ddc8e8d8e2 Fix issue that caused --compliant and/or --non_compliant to run when not in cli args. (#173) 2022-09-19 14:14:06 -04:00
Bob Gendler
6a3d17f453 refactor[generate_scap] checks for new checks 
Added ability to check the new way for sudo -V and
for systempreferences DisabledSystemSettings
 2022-09-19 14:03:59 -04:00
Dan Brodjieski
879275b619 fix[script]: Addresses string replacement in fix 
generate_guidance.py was not substituting | characters in the fix field
correctly when generating the XLS file
 2022-09-13 16:00:50 -04:00
Bob Gendler
b219680537 refactor[script]:Update to generate_scap for 13.0 
Added a condition for ventura launchctl disable checks

Related to Issue #167
 2022-09-13 14:51:32 -04:00
Bob Gendler
d4f326c1eb fixes and more 2022-09-13 11:42:41 -04:00
Bob Gendler
eee2025178 grep or awk with sshd -T checks 2022-09-12 16:34:23 -04:00
Dan Brodjieski
a6a8c85ae8 pulled in generate_guidance.py changes from monterey 2022-09-07 11:42:13 -04:00
Allen Golbig
902510f569 pulled in generate_baseline changes from monterey 2022-09-07 11:20:21 -04:00
Bob Gendler
291cd7a02a removed space when system sections section is present in baseline 2022-08-18 12:08:44 -04:00
Henry S
46dc160a82 Add creation date to profill description (#158) 2022-08-18 11:35:34 -04:00
Henry S
98039a6f99 simple proposal for issue #152 
Rearangement of two vars in generate_profiles function would resolve this [issue](https://github.com/usnistgov/macos_security/issues/152) and make Profile Display Names specific to payload.
 2022-08-17 08:37:36 +02:00
Bob Gendler
1f70933011 new oval checks for updated ssh_config checks and sshd enhanced checks 2022-08-16 21:36:30 -04:00
Bob Gendler
2dc4333fe9 re-order elif 2022-08-11 21:07:29 -04:00
Bob Gendler
1096f6e087 sysprefs or system_settings 2022-08-11 21:01:42 -04:00
Bob Gendler
8a4ff89841 sys_prefs or system_settings 2022-08-11 20:57:37 -04:00
Allen Golbig
e09462386c os_software_update_deferral gives fales finding if 'enforcedSoftwareUpdateDelay' key is not set 
Fixes #150
 2022-08-09 22:06:23 -04:00
Bob Gendler
17ba38be31 issue #146 2022-08-09 15:25:05 -04:00
Bob Gendler
a24451feab updated compliance count 2022-08-09 15:18:46 -04:00
Bob Gendler
54cc562444 tailoring fixes 2022-08-09 15:12:04 -04:00
Allen Golbig
63c2c3559d fixed section names 2022-08-06 14:20:39 -04:00
Allen Golbig
fee8638cc6 more system_settings changes 2022-08-06 12:37:27 -04:00
Allen Golbig
7c8c7de2e8 more system settings 2022-08-04 10:50:12 -04:00
Allen Golbig
720d16bb7c sysprefs to system_settings 2022-08-04 10:05:03 -04:00
Bob Gendler
6e48e6b031 updated guidance and baseline script 2022-07-29 16:13:34 -04:00
Allen Golbig
210af745f7 fixed parent_value 2022-07-14 08:51:04 -04:00
Allen Golbig
920795111d added ruby gem changes 2022-07-13 20:35:07 -04:00