From 0cc27b956ef5530e62ff210c2ac36a645300b0a3 Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Wed, 5 Oct 2016 09:50:06 +0200
Subject: New test INSE-8050

---
 include/tests_insecure_services | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

(limited to 'include/tests_insecure_services')

diff --git a/include/tests_insecure_services b/include/tests_insecure_services
index d04afd7c..c5e39a99 100644
--- a/include/tests_insecure_services
+++ b/include/tests_insecure_services
@@ -109,6 +109,29 @@
 #
 #################################################################################
 #
+    if [ ! -z "${LAUNCHCTL_BINARY}" ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="No launchctl binary on this system"; fi
+    Register --test-no INSE-8050 --os "MacOS" --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight M --network NO --category security --description "Check for insecure services on macOS"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        TEST_SERVICES="com.apple.fingerd"
+        for ITEM in ${TEST_SERVICES}; do
+            if ${LAUNCHCTL_BINARY} print-enabled system | grep -sq ${ITEM}; then
+                Display --indent 2 --text "- $text" --result "${STATUS_NO}" --color RED
+                LogText "Result: found ${ITEM}, which is considered an insecure service"
+                AddSuggestion "${TEST_NO}" "Consider disabling service ${ITEM}" "launchctl" "-"
+                AddHP 0 1
+            else
+                Display --indent 2 --text "- $text" --result "${STATUS_OK}" --color GREEN
+                LogText "Result: $text, OK"
+                AddHP 1 1
+            fi
+        done
+    fi
+#
+#################################################################################
+#
+
+# To do:
+# - mark in report when a system was tested for any insecure services
 
 WaitForKeyPress
 
-- 
cgit v1.2.3