Disable fs:largeFiles checks until the images are updated with findutils - Githubissues

govCMS / audit-site

govCMS site audit and remediation tool. Used to verify all sites built in, and for GovCMS SaaS meet the minimum requirements.

4 stars 4 forks source link

Disable fs:largeFiles checks until the images are updated with findutils #34

Open tobybellwood opened 5 years ago

tobybellwood commented 5 years ago

The fs:largeFiles check (https://drutiny.github.io/2.3.x/audits/DrutinyAuditFilesystem/#largefiles) uses a variant of the find command that is not natively supported on busybox (it requires https://pkgs.alpinelinux.org/package/v3.9/main/x86/findutils to provide the -M size option and the printf command)

As such, it should be disabled in the checks until the apk has been added to the images.

https://github.com/govCMS/audit-site/blob/7.x-3.x/Profiles/d7-full.profile.yml#L135-L138 https://github.com/govCMS/audit-site/blob/7.x-3.x/Profiles/d8-full.profile.yml#L136-L139

In the meantime, the Drupal:largeFiles check provides file sizes via the database.

tobybellwood commented 5 years ago

Likewise fs:SensitivePublicFiles checks also rely on findutils