From 693e04c22b41e70fe49ea78a6ba1133cf62d8406 Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Wed, 20 Mar 2013 19:44:58 -0400
Subject: [PATCH] ticket 338 - improve check text for noexec on removable media

Updated grep to search for the negative; calls for manual inspection of output
--- RHEL6/input/system/permissions/partitions.xml | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diff --git a/RHEL6/input/system/permissions/partitions.xml b/RHEL6/input/system/permissions/partitions.xml index a9a7b2d..1026e9b 100644 --- a/RHEL6/input/system/permissions/partitions.xml +++ b/RHEL6/input/system/permissions/partitions.xml @@ -64,10 +64,11 @@ certain types of worms or malicious code. </description> <rationale>Allowing users to execute binaries from removable media such as USB keys exposes the system to potential compromise.</rationale> -<ocil clause="it does not"> +<ocil clause="removable media partitions are present"> To verify that binaries cannot be directly executed from removable media, run the following command: -<pre># grep noexec /etc/fstab</pre> -The output should show <tt>noexec</tt> in use. +<pre># grep -v noexec /etc/fstab</pre> +The resulting output will show partitions which do not have the <tt>noexec</tt> flag. Verify all partitions +in the output are not removable media. </ocil> <ident cce="27196-5" /> <oval id="mount_option_noexec_removable_partitions" value="var_removable_partition" /> -- 1.7.1
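Review bot: In the <ocil> text of partitions.xml, the new command `grep -v noexec /etc/fstab` prints every line that lacks the string, so comment lines, blank lines and non-removable entries appear next to any removable-media entry, and the text gives the reader no way to tell which lines are removable devices. Consider narrowing the check to the partition the rule already refers to through `var_removable_partition` in the <oval> line, or at least filtering out comment lines, and saying what a removable-media entry looks like in the output. The clause "removable media partitions are present" would be more exact as "removable media partitions are present in the output", since the finding is a removable partition listed without noexec rather than a removable partition existing at all. The check also reads only /etc/fstab, so it says nothing about removable media mounted without an fstab entry; a sentence noting that limit would help whoever performs the manual inspection.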
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
