Tree - rpms/scap-security-guide

rpms / scap-security-guide

Files

Commit: df3ea45e28b3f0fe7994fbf80bdb5c012658e814

Blob Blame History Raw

From 6f502074053282dd3afbb5ed1594fbbd524c9bc6 Mon Sep 17 00:00:00 2001
From: Gabe <redhatrises@gmail.com>
Date: Fri, 8 Dec 2017 11:34:50 -0700
Subject: [PATCH] Do not check library ownership in libexec

- Fixes #2473
---
 shared/checks/oval/file_ownership_library_dirs.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/shared/checks/oval/file_ownership_library_dirs.xml b/shared/checks/oval/file_ownership_library_dirs.xml
index 41394a01e..186c99012 100644
--- a/shared/checks/oval/file_ownership_library_dirs.xml
+++ b/shared/checks/oval/file_ownership_library_dirs.xml
@@ -34,7 +34,7 @@
 
   <unix:file_object comment="library files" id="object_file_ownership_lib_files" version="1">
     <!-- Check that files within /lib, /lib64, /usr/lib, and /usr/lib64 directories belong to user with uid 0 (root) -->
-    <unix:path operation="pattern match">^\/lib(|64)|^\/usr\/lib(|64)</unix:path>
+    <unix:path operation="pattern match">^\/lib(|64)\/|^\/usr\/lib(|64)\/</unix:path>
     <unix:filename operation="pattern match">^.*$</unix:filename>
    <filter action="include">state_owner_libraries_not_root</filter>
   </unix:file_object>

rpms / scap-security-guide

Source Code

Files