A colleague found during testing, that the find command for checking/fixing group or world writeable files in library directories had the -perm flag set as -022 (all bits set) instead of /022 (any bits set). I updated RHEL6/input/fixes/bash/file_permissions_library_dirs.sh and generated this patch to update the fix content.
I can't push this patch so if its approved, so if someone that could, doesn't mind it's appreciated. Thanks! Jeb Trayer, CTR Ace Info Solutions, Inc. USCG Operations System Center [email protected] Signed-off-by: Jeb Trayer <[email protected]> --- .../fixes/bash/file_permissions_library_dirs.sh | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh b/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh index 263612f..7de0740 100644 --- a/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh +++ b/RHEL6/input/fixes/bash/file_permissions_library_dirs.sh @@ -1,4 +1,4 @@ DIRS="/lib /lib64 /usr/lib /usr/lib64" for dirPath in $DIRS; do - find $dirPath -perm -022 -type f -exec chmod go-w '{}' \; + find $dirPath -perm /022 -type f -exec chmod go-w '{}' \; done -- 1.7.1 _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
