diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2016-10-05 10:50:06 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-10-05 10:50:06 +0300 |
| commit | 0cc27b956ef5530e62ff210c2ac36a645300b0a3 (patch) | |
| tree | 5920fc2d14ecddfd458e33c33e1c36eeac18222c /include/tests_insecure_services | |
| parent | f8288bff203c4d12fd2f30e561a0341c3a41faff (diff) | |
New test INSE-8050
Diffstat (limited to 'include/tests_insecure_services')
| -rw-r--r-- | include/tests_insecure_services | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/include/tests_insecure_services b/include/tests_insecure_services index d04afd7c..c5e39a99 100644 --- a/include/tests_insecure_services +++ b/include/tests_insecure_services @@ -109,6 +109,29 @@ # ################################################################################# # + if [ ! -z "${LAUNCHCTL_BINARY}" ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="No launchctl binary on this system"; fi + Register --test-no INSE-8050 --os "MacOS" --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight M --network NO --category security --description "Check for insecure services on macOS" + if [ ${SKIPTEST} -eq 0 ]; then + TEST_SERVICES="com.apple.fingerd" + for ITEM in ${TEST_SERVICES}; do + if ${LAUNCHCTL_BINARY} print-enabled system | grep -sq ${ITEM}; then + Display --indent 2 --text "- $text" --result "${STATUS_NO}" --color RED + LogText "Result: found ${ITEM}, which is considered an insecure service" + AddSuggestion "${TEST_NO}" "Consider disabling service ${ITEM}" "launchctl" "-" + AddHP 0 1 + else + Display --indent 2 --text "- $text" --result "${STATUS_OK}" --color GREEN + LogText "Result: $text, OK" + AddHP 1 1 + fi + done + fi +# +################################################################################# +# + +# To do: +# - mark in report when a system was tested for any insecure services WaitForKeyPress |