search

sous-chefs / cron

Development repository for the cron cookbook
https://supermarket.chef.io/cookbooks/cron
Apache License 2.0
78 stars 100 forks source link

/etc/cron.allow must be g-rwx,o-rwx per CIS Benchmark #166

Open jrmetzger opened 10 months ago

jrmetzger commented 10 months ago

https://github.com/sous-chefs/cron/blob/781003d3245fb8f32012d4bee894e6779958dad8/resources/access.rb#L35C18-L35C18

We must make /etc/cron.allow mode to be 600 or not group/other readwrite,execute. Unable to modify resource.

Either update hard code or create attribute for this value

jrmetzger commented 10 months ago

Or as a resource attribute, may be a better fit here.