CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
https://cisofy.com/lynis/
GNU General Public License v3.0
13.28k stars 1.48k forks source link

kernel_hardening module can't be used to check value containing whitespace #1253

Open tlaguz opened 2 years ago

tlaguz commented 2 years ago

Describe the bug kernel.printk takes four digits as a value. sysctl -a returns them separated by tab. This tabulation can't be expressed in profile. Tab between digits and \t trigger Fatal error: unexpected characters in profile. Stopping execution (security measure). ` character gets replaced by-space-` string.

Version

Expected behavior Tabulation in kernel.printk expected value should be possible to express as config-data=sysctl rule.

mboelen commented 2 years ago

Thanks for reporting.