>From 49993ebb2b4700fa6e2a965bd59c367cbb353445 Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Fri, 27 Sep 2013 16:52:53 -0400
Subject: [PATCH 2/8] new remediation: file_permissions_library_dirs
[root@SSG-RHEL6 checks]# ./testcheck.py file_permissions_library_dirs.xml
Evaluating with OVAL tempfile : /tmp/file_permissions_library_dirsQGPnnX.xml
Writing results to : /tmp/file_permissions_library_dirsQGPnnX.xml-results
Definition oval:scap-security-guide.testing:def:207: false
Evaluation done.
[root@SSG-RHEL6 checks]# bash ../fixes/bash/file_permissions_library_dirs.sh
[root@SSG-RHEL6 checks]# ./testcheck.py file_permissions_library_dirs.xml
Evaluating with OVAL tempfile : /tmp/file_permissions_library_dirslfB5qo.xml
Writing results to : /tmp/file_permissions_library_dirslfB5qo.xml-results
Definition oval:scap-security-guide.testing:def:207: true
Evaluation done.
---
.../fixes/bash/file_permissions_library_dirs.sh | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
create mode 100644 RHEL6/input/fixes/bash/file_permissions_library_dirs.sh
diff --git a/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh
b/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh
new file mode 100644
index 0000000..263612f
--- /dev/null
+++ b/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh
@@ -0,0 +1,4 @@
+DIRS="/lib /lib64 /usr/lib /usr/lib64"
+for dirPath in $DIRS; do
+ find $dirPath -perm -022 -type f -exec chmod go-w '{}' \;
+done
--
1.7.1
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
