PATCH] [RHEL6] Add remediation for Disable Prelinking rule

Jan Lieskovsky Wed, 27 Nov 2013 07:40:57 -0800

Proposal for the "2.1.3.1.b. Disable Prelinking"
rule remediation.


Please review.

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team

From 102d335388c881e6f825b48c54e33f0e1e623767 Mon Sep 17 00:00:00 2001
From: Jan Lieskovsky <[email protected]>
Date: Wed, 27 Nov 2013 16:36:04 +0100
Subject: [PATCH] [RHEL6] Add remediation for Disable Prelinking rule

Signed-off-by: Jan Lieskovsky <[email protected]>
---
 RHEL6/input/fixes/bash/disable_prelink.sh | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 RHEL6/input/fixes/bash/disable_prelink.sh

diff --git a/RHEL6/input/fixes/bash/disable_prelink.sh b/RHEL6/input/fixes/bash/disable_prelink.sh
new file mode 100644
index 0000000..98dc85d
--- /dev/null
+++ b/RHEL6/input/fixes/bash/disable_prelink.sh
@@ -0,0 +1,9 @@
+#
+# Disable prelinking altogether
+#
+sed -i "s/PRELINKING.*/PRELINKING=no/g" /etc/sysconfig/prelink
+
+#
+# Undo previous prelink changes to binaries
+#
+/usr/sbin/prelink -ua
-- 
1.8.3.1

_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide

PATCH] [RHEL6] Add remediation for Disable Prelinking rule

Reply via email to