def setUp(self): RuleTest.setUp(self) self.rule = EnableKernelAuditing(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = STIGConfigurePasswordPolicy(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) self.passidentifier = "mil.disa.STIG.passwordpolicy.alacarte" self.secidentifier = "mil.disa.STIG.Security_Privacy.alacarte" self.applicable = {'type': 'white', 'os': {'Mac OS X': ['10.10.0', 'r', '10.14.10']}, 'fisma': 'high'} if search("10\.10.*", self.environ.getosver()): self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Passcode_Policy.mobileconfig" self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_OS_X_10-10_Workstation_V1R2_STIG_Security_Privacy_Policy.mobileconfig" elif search("10\.11\.*", self.environ.getosver()): self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_OS_X_10-11_V1R1_STIG_Passcode_Policy.mobileconfig" self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_OS_X_10-11_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig" else: self.rule.pwprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_macOS_10-12_V1R1_STIG_Passcode_Policy.mobileconfig" self.rule.secprofile = "/Users/vagrant/stonix/src/stonix_resources/files/" + \ "U_Apple_macOS_10-12_V1R1_STIG_Security_and_Privacy_Policy.mobileconfig" self.rule.pwci.updatecurrvalue(True)
def setUp(self): RuleTest.setUp(self) self.rule = InstalledSoftwareVerification(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = AuditSSHKeys(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ignoreresults = True
def setUp(self): RuleTest.setUp(self) self.rule = MinimizeServices(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = ConfigureAIDE(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.rule.ci.updatecurrvalue(True)
def setUp(self): RuleTest.setUp(self) self.rule = BlockSystemAccounts(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = NoCachedFDEKeys(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = NoLegacyPlusAccts(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = ConsoleRootOnly(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableAdminLoginOverride(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = RestrictAccessToKernelMessageBuffer( self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = CheckPartitioning(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SetDefaultUserUmask(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = PasswordExpiration(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = PreventXListen(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = RestrictAdminSSH(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SecureHomeDir(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = ConfigureLinuxFirewall(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.logger = self.logdispatch self.ch = CommandHelper(self.logger) self.servicehelper = ServiceHelper(self.environ, self.logger) self.checkUndo = True self.isfirewalld = False self.isufw = False if os.path.exists('/bin/firewall-cmd'): self.isfirewalld = True if os.path.exists('/usr/sbin/ufw'): self.isufw = True # mostly pertains to RHEL6, Centos6 self.iptables = "/usr/sbin/iptables" if not os.path.exists(self.iptables): self.iptables = '/sbin/iptables' self.ip6tables = "/usr/sbin/ip6tables" if not os.path.exists(self.ip6tables): self.ip6tables = '/sbin/ip6tables' if os.path.exists("/usr/sbin/iptables-restore"): self.iprestore = "/usr/sbin/iptables-restore" elif os.path.exists("/sbin/iptables-restore"): self.iprestore = "/sbin/iptables-restore" if os.path.exists("/usr/sbin/ip6tables-restore"): self.ip6restore = "/usr/sbin/ip6tables-restore" elif os.path.exists("/sbin/ip6tables-restore"): self.ip6restore = "/sbin/ip6tables-restore" self.scriptType = ""
def setUp(self): RuleTest.setUp(self) self.rule = XinetdAccessControl(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = AuditNetworkSniffing(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableSerialLoginPrompts(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = SecureMTA(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) if self.environ.operatingsystem == "Mac OS X": self.isMac = True else: self.isMac = False if not self.isMac: self.ph = Pkghelper(self.logdispatch, self.environ) self.origState = [False, False, False, False] self.smPath = "/etc/mail/sendmail.cf" self.smTmp = "/tmp/" + os.path.split(self.smPath)[1] + ".utmp" self.pfPathlist = [ '/etc/postfix/main.cf', '/private/etc/postfix/main.cf', '/usr/lib/postfix/main.cf' ] self.pfPath = "" for path in self.pfPathlist: if os.path.exists(path): self.pfPath = path if self.pfPath == "": self.pfPath = "/etc/postfix/main.cf" self.pfTmp = "/tmp/" + os.path.split(self.pfPath)[1] + ".utmp"
def setUp(self): RuleTest.setUp(self) self.rule = FilePermissions(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): """ :return: """ RuleTest.setUp(self) self.rule = LinuxPackageSigning(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.checkUndo = True self.rule.localize() self.backup = "" self.confpath = "" if not self.rule.suse: try: self.confpaths = self.rule.repos except: pass for p in self.confpaths: if os.path.exists(p): self.confpath = p self.backup = p + ".stonixtest" copy2(p, self.backup)
def setUp(self): RuleTest.setUp(self) self.rule = DisableTouchID(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = InstallCasperSuite(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = SymlinkDangerFiles(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SecureMTA(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) if self.environ.operatingsystem == "Mac OS X": self.isMac = True else: self.isMac = False if not self.isMac: self.ph = Pkghelper(self.logdispatch, self.environ) self.origState = [False, False, False, False] self.smPath = "/etc/mail/sendmail.cf" self.smTmp = "/tmp/" + os.path.split(self.smPath)[1] + ".utmp" self.pfPathlist = ['/etc/postfix/main.cf', '/private/etc/postfix/main.cf', '/usr/lib/postfix/main.cf'] self.pfPath = "" for path in self.pfPathlist: if os.path.exists(path): self.pfPath = path if self.pfPath == "": self.pfPath = "/etc/postfix/main.cf" self.pfTmp = "/tmp/" + os.path.split(self.pfPath)[1] + ".utmp"
def setUp(self): RuleTest.setUp(self) self.rule = NetworkTuning(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.fh = FileHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = BootSecurity(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.checkUndo = True
def setUp(self): RuleTest.setUp(self) self.rule = SoftwarePatching(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = ConfigureGatekeeper(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SecureDHCPServer(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = DisableGUILogon(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) self.sh = ServiceHelper(self.environ, self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableBluetooth(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber
def setUp(self): RuleTest.setUp(self) self.rule = ConfigureKerberos(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) self.fh = FileHelper(self.logdispatch, self.statechglogger) if self.environ.getosfamily() == 'darwin': self.files = {"kerb5.conf": {"path": "/etc/krb5.conf", "remove": True, "content": None, "permissions": None, "owner": None, "group": None, "eventid": str(self.rulenumber).zfill(4) + "kerb5ut"}, "edu.mit.Kerberos": {"path": "/Library/Preferences/edu.mit.Kerberos", "remove": False, "content": "test", "permissions": None, "owner": None, "group": None, "eventid": str(self.rulenumber).zfill(4) + "Kerberosut"}, "edu.mit.Kerberos.krb5kdc.launchd": {"path": "/Library/Preferences/edu.mit.Kerberos.krb5kdc.launchd", "remove": False, "content": "test", "permissions": None, "owner": None, "group": None, "eventid": str(self.rulenumber).zfill(4) + "krb5kdcut"}, "edu.mit.Kerberos.kadmind.launchd": {"path": "/Library/Preferences/edu.mit.Kerberos.kadmind.launchd", "remove": False, "content": "test", "permissions": None, "owner": None, "group": None, "eventid": str(self.rulenumber).zfill(4) + "kadmindut"}, } else: self.files = {"kerb5.conf": {"path": "/etc/krb5.conf", "remove": True, "content": None, "permissions": None, "owner": None, "group": None, "eventid": str(self.rulenumber).zfill(4) + "kerb5ut"}}
def setUp(self): RuleTest.setUp(self) self.rule = SecureApacheWebserver(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SystemIntegrityProtection(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SystemAccounting(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableInteractiveStartup(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = VerifyAccPerms(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableWeakAuthentication(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableGuestAccess(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) self.dc = "/usr/bin/defaults"
def setUp(self): RuleTest.setUp(self) self.rule = DisableSIRIandContinuityFeatures(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = RemoveBadDotFiles(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = SetRootDefaults(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = DisableScreenSavers(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch)
def setUp(self): RuleTest.setUp(self) self.rule = RestrictMounting(self.config, self.environ, self.logdispatch, self.statechglogger) self.rulename = self.rule.rulename self.rulenumber = self.rule.rulenumber self.ch = CommandHelper(self.logdispatch) self.ph = Pkghelper(self.logdispatch, self.environ) self.sh = ServiceHelper(self.environ, self.logdispatch)