Merge pull request #172 from dev-sec/protected_fifos

schurzi · web-flow · commit 81ce2ab60cc4 · 2022-07-11T12:17:52.000+02:00
fix handling of sysctl fs.protected_fifos and fs.protected_regular
diff --git a/controls/sysctl_spec.rb b/controls/sysctl_spec.rb
@@ -414,13 +414,13 @@
   desc 'Protects against common exploits in regards to links, fifos and regular files created or controlled by attackers'
   only_if { !container_execution }
   describe kernel_parameter('fs.protected_fifos') do
-    its(:value) { should match cmp(/(1|2)/) }
+    its(:value) { should eq(1).or eq(2).or eq(nil) } # include nil because RHEL7 does not have this parameter
   end
   describe kernel_parameter('fs.protected_hardlinks') do
     its(:value) { should eq 1 }
   end
   describe kernel_parameter('fs.protected_regular') do
-    its(:value) { should eq 2 }
+    its(:value) { should eq(2).or eq(nil) } # include nil because RHEL7 does not have this parameter
   end
   describe kernel_parameter('fs.protected_symlinks') do
     its(:value) { should eq 1 }
