arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-03-20 17:36:18 +00:00
Code Issues Releases Wiki Activity

Updating section id 4.6 (#689)

Browse Source 
- id: 4.6
        text: "Verify the scheduler pod specification file ownership set by OpenShift"
        audit: "stat -c %u:%g /etc/origin/node/pods/controller.yaml" -- (lower case u and g ) it returns the uID and gID in numeric i.e 0:0 not root:root.
it supposed to be Uppercase: audit: "stat -c %U:%G /etc/origin/node/pods/controller.yaml"
This commit is contained in:
Sathi Dyapa 2020-09-02 10:29:57 -04:00 committed by GitHub
parent 4e43c9a9a2
commit 3488c8343d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cfg/rh-0.7/master.yaml
View File

@ -895,7 +895,7 @@ groups:
- id: 4.6
text: "Verify the scheduler pod specification file ownership set by OpenShift"
audit: "stat -c %u:%g /etc/origin/node/pods/controller.yaml"
audit: "stat -c %U:%G /etc/origin/node/pods/controller.yaml"
tests:
test_items:
- flag: "root:root"