>From 19a4ecd695ddadf3cedb87ccbed2270a7c2fe3cd Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Sun, 10 Nov 2013 00:15:08 -0500
Subject: [PATCH 02/11] OVAL rename, accounts_dangerous_path_for_root --> 
root_path_no_dot
 - OVAL name now matches other root_path_* checks

---
 .../checks/accounts_dangerous_path_for_root.xml    |   86 --------------------
 RHEL6/input/checks/root_path_no_dot.xml            |   86 ++++++++++++++++++++
 RHEL6/input/system/accounts/session.xml            |    2 +-
 3 files changed, 87 insertions(+), 87 deletions(-)
 delete mode 100644 RHEL6/input/checks/accounts_dangerous_path_for_root.xml
 create mode 100644 RHEL6/input/checks/root_path_no_dot.xml

diff --git a/RHEL6/input/checks/accounts_dangerous_path_for_root.xml 
b/RHEL6/input/checks/accounts_dangerous_path_for_root.xml
deleted file mode 100644
index 7e475c4..0000000
--- a/RHEL6/input/checks/accounts_dangerous_path_for_root.xml
+++ /dev/null
@@ -1,86 +0,0 @@
-<def-group>
-  <definition class="compliance" id="accounts_dangerous_path_for_root" 
version="1">
-    <metadata>
-      <title>Ensure that No Dangerous Directories Exist in Root's Path</title>
-      <affected family="unix">
-        <platform>Red Hat Enterprise Linux 6</platform>
-      </affected>
-      <description>The environment variable PATH should be set correctly for
-      the root user.</description>
-      <reference source="MED" ref_id="20130925" ref_url="test_attestation" />
-    </metadata>
-    <criteria comment="environment variable PATH contains dangerous path" 
operator="AND">
-      <criterion comment="environment variable PATH starts with : or ." 
test_ref="test_env_var_begins" />
-      <criterion comment="environment variable PATH contains : twice in a row" 
test_ref="test_env_var_contains_doublecolon" />
-      <criterion comment="environment variable PATH contains . twice in a row" 
test_ref="test_env_var_contains_doubleperiod" />
-      <criterion comment="environment variable PATH ends with : or ." 
test_ref="test_env_var_ends" />
-      <criterion comment="environment variable PATH doesn't begin with a /" 
test_ref="test_env_var_begins_slash" />
-      <criterion comment="environment variable PATH doesn't contain relative 
paths" test_ref="test_env_var_contains_relative_path" />
-    </criteria>
-  </definition>
-  <ind:environmentvariable58_object 
id="object_accounts_dangerous_path_for_root"
-  version="1">
-    <ind:pid xsi:nil="true" datatype="int" />
-    <ind:name>PATH</ind:name>
-  </ind:environmentvariable58_object>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH starts with : or ."
-  id="test_env_var_begins" version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_begins_colon_period" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH doesn't contain : twice in a row"
-  id="test_env_var_contains_doublecolon" version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_contains_double_colon" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH doesn't contain . twice in a row"
-  id="test_env_var_contains_doubleperiod" version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_contains_double_period" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH ends with : or ." id="test_env_var_ends"
-  version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_ends_colon_period" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH starts with an absolute path /"
-  id="test_env_var_begins_slash" version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_begins_slash" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_test check="none satisfy"
-  comment="environment variable PATH contains relative paths"
-  id="test_env_var_contains_relative_path" version="1">
-    <ind:object object_ref="object_accounts_dangerous_path_for_root" />
-    <ind:state state_ref="state_contains_relative_path" />
-  </ind:environmentvariable58_test>
-  <ind:environmentvariable58_state comment="starts with colon or period"
-  id="state_begins_colon_period" version="1">
-    <ind:value operation="pattern match">^[:\.]</ind:value>
-  </ind:environmentvariable58_state>
-  <ind:environmentvariable58_state comment="colon twice in a row"
-  id="state_contains_double_colon" version="1">
-    <ind:value operation="pattern match">::</ind:value>
-  </ind:environmentvariable58_state>
-  <ind:environmentvariable58_state comment="period twice in a row"
-  id="state_contains_double_period" version="1">
-    <ind:value operation="pattern match">\.\.</ind:value>
-  </ind:environmentvariable58_state>
-  <ind:environmentvariable58_state comment="ends with colon or period"
-  id="state_ends_colon_period" version="1">
-    <ind:value operation="pattern match">[:\.]$</ind:value>
-  </ind:environmentvariable58_state>
-  <ind:environmentvariable58_state comment="begins with a slash"
-  id="state_begins_slash" version="1">
-    <ind:value operation="pattern match">^[^/]</ind:value>
-  </ind:environmentvariable58_state>
-  <ind:environmentvariable58_state comment="elements begin with a slash"
-  id="state_contains_relative_path" version="1">
-    <ind:value operation="pattern match">[^\\]:[^/]</ind:value>
-  </ind:environmentvariable58_state>
-</def-group>
diff --git a/RHEL6/input/checks/root_path_no_dot.xml 
b/RHEL6/input/checks/root_path_no_dot.xml
new file mode 100644
index 0000000..0d528b5
--- /dev/null
+++ b/RHEL6/input/checks/root_path_no_dot.xml
@@ -0,0 +1,86 @@
+<def-group>
+  <definition class="compliance" id="root_path_no_dot.xml" version="1">
+    <metadata>
+      <title>Ensure that No Dangerous Directories Exist in Root's Path</title>
+      <affected family="unix">
+        <platform>Red Hat Enterprise Linux 6</platform>
+      </affected>
+      <description>The environment variable PATH should be set correctly for
+      the root user.</description>
+      <reference source="MED" ref_id="20130925" ref_url="test_attestation" />
+    </metadata>
+    <criteria comment="environment variable PATH contains dangerous path" 
operator="AND">
+      <criterion comment="environment variable PATH starts with : or ." 
test_ref="test_env_var_begins" />
+      <criterion comment="environment variable PATH contains : twice in a row" 
test_ref="test_env_var_contains_doublecolon" />
+      <criterion comment="environment variable PATH contains . twice in a row" 
test_ref="test_env_var_contains_doubleperiod" />
+      <criterion comment="environment variable PATH ends with : or ." 
test_ref="test_env_var_ends" />
+      <criterion comment="environment variable PATH doesn't begin with a /" 
test_ref="test_env_var_begins_slash" />
+      <criterion comment="environment variable PATH doesn't contain relative 
paths" test_ref="test_env_var_contains_relative_path" />
+    </criteria>
+  </definition>
+  <ind:environmentvariable58_object id="object_root_path_no_dot.xml"
+  version="1">
+    <ind:pid xsi:nil="true" datatype="int" />
+    <ind:name>PATH</ind:name>
+  </ind:environmentvariable58_object>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH starts with : or ."
+  id="test_env_var_begins" version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_begins_colon_period" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH doesn't contain : twice in a row"
+  id="test_env_var_contains_doublecolon" version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_contains_double_colon" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH doesn't contain . twice in a row"
+  id="test_env_var_contains_doubleperiod" version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_contains_double_period" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH ends with : or ." id="test_env_var_ends"
+  version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_ends_colon_period" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH starts with an absolute path /"
+  id="test_env_var_begins_slash" version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_begins_slash" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_test check="none satisfy"
+  comment="environment variable PATH contains relative paths"
+  id="test_env_var_contains_relative_path" version="1">
+    <ind:object object_ref="object_root_path_no_dot.xml" />
+    <ind:state state_ref="state_contains_relative_path" />
+  </ind:environmentvariable58_test>
+  <ind:environmentvariable58_state comment="starts with colon or period"
+  id="state_begins_colon_period" version="1">
+    <ind:value operation="pattern match">^[:\.]</ind:value>
+  </ind:environmentvariable58_state>
+  <ind:environmentvariable58_state comment="colon twice in a row"
+  id="state_contains_double_colon" version="1">
+    <ind:value operation="pattern match">::</ind:value>
+  </ind:environmentvariable58_state>
+  <ind:environmentvariable58_state comment="period twice in a row"
+  id="state_contains_double_period" version="1">
+    <ind:value operation="pattern match">\.\.</ind:value>
+  </ind:environmentvariable58_state>
+  <ind:environmentvariable58_state comment="ends with colon or period"
+  id="state_ends_colon_period" version="1">
+    <ind:value operation="pattern match">[:\.]$</ind:value>
+  </ind:environmentvariable58_state>
+  <ind:environmentvariable58_state comment="begins with a slash"
+  id="state_begins_slash" version="1">
+    <ind:value operation="pattern match">^[^/]</ind:value>
+  </ind:environmentvariable58_state>
+  <ind:environmentvariable58_state comment="elements begin with a slash"
+  id="state_contains_relative_path" version="1">
+    <ind:value operation="pattern match">[^\\]:[^/]</ind:value>
+  </ind:environmentvariable58_state>
+</def-group>
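Review bot: The new definition is declared as `<definition class="compliance" id="root_path_no_dot.xml" version="1">`, with a `.xml` suffix, while the session.xml hunk of this patch points the rule at `<oval id="root_path_no_dot" />`, so the rule and its check no longer share an id and the reference will presumably not resolve when the content is built. Use `id="root_path_no_dot"` on the definition and `id="object_root_path_no_dot"` on the object, and update the six `object_ref` attributes to match. Separately, several comments contradict what they describe: `test_env_var_contains_doublecolon` says "doesn't contain" where its criterion says "contains", and `state_begins_slash` is described as "begins with a slash" although `^[^/]` matches a value that does not begin with one. Aligning the wording would make a failed result easier to interpret. Because `ind:pid` is `xsi:nil="true"`, the object reads PATH from the scanning tool's own process, so the result reflects how the scan was launched rather than root's login environment, which is worth stating in the `<description>`.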
diff --git a/RHEL6/input/system/accounts/session.xml 
b/RHEL6/input/system/accounts/session.xml
index ae71777..e500495 100644
--- a/RHEL6/input/system/accounts/session.xml
+++ b/RHEL6/input/system/accounts/session.xml
@@ -89,7 +89,7 @@ Including these entries increases the risk that root could
 execute code from an untrusted location.
 </rationale>
 <ident cce="26826-8" />
-<oval id="accounts_dangerous_path_for_root" />
+<oval id="root_path_no_dot" />
 <ref nist=""/>
 </Rule>
 
-- 
1.7.1
