diff options
Diffstat (limited to 'include/tests_hardening')
| -rw-r--r-- | include/tests_hardening | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/include/tests_hardening b/include/tests_hardening index 4feff7c6..130a4ddc 100644 --- a/include/tests_hardening +++ b/include/tests_hardening @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -107,6 +107,27 @@ # ################################################################################# # + # Test : HRDN-7231 + # Description : Check for registered non-native binary formats + Register --test-no HRDN-7231 --os Linux --weight L --network NO --category security --description "Check for registered non-native binary formats" + if [ ${SKIPTEST} -eq 0 ]; then + LogText "Test: Check for registered non-native binary formats" + NFORMATS=0 + if [ -d /proc/sys/fs/binfmt_misc ]; then + NFORMATS=$(${FINDBINARY} /proc/sys/fs/binfmt_misc -type f -not -name register -not -name status | ${WCBINARY} --lines) + fi + if [ ${NFORMATS} -eq 0 ]; then + LogText "Result: no non-native binary formats found" + Display --indent 4 --text "- Non-native binary formats" --result "${STATUS_NOT_FOUND}" --color GREEN + else + FORMATS=$(${FINDBINARY} /proc/sys/fs/binfmt_misc -type f -not -name register -not -name status -printf '%f ') + LogText "Result: found ${NFORMATS} non-native binary formats registered: ${FORMATS}" + Display --indent 4 --text "- Non-native binary formats" --result "${STATUS_FOUND}" --color RED + fi + fi +# +################################################################################# +# # LogText "--------------------------------------------------------------------" # LogText "| System part | Preferred value | Actual value | Points |" # LogText "| [!] Compiler installed | 0 | [${COMPILER_INSTALLED}] | x |" |