Move scripts out of /tmp as fail if noexec, return sysctl ipv6 management, remove pkill use

fervidus / secure_linux_cis

Apache License 2.0

16 stars 33 forks source link

Move scripts out of /tmp as fail if noexec, return sysctl ipv6 management, remove pkill use #13

Closed canihavethisone closed 5 years ago

canihavethisone commented 5 years ago

and other refactoring as per changelog.

canihavethisone commented 5 years ago

I have moved the scripts location to /usr/share/applications, but was also considering /usr/local/bin. Any thoughts on that before this is merged? They didn't work in /tmp if its marked noexec.

canihavethisone commented 5 years ago

@bryanjbelanger , I have finished with the changes for this merge request. I have also developed a way to address cis_5.5 which involves reducing the content of /etc/securetty to 'console', but it should be combined with creating additional users and is getting out of scope of this module I think...so I have not included it but am happy to send you the code to look at.

Can you please review this merge request? Thank you.