5.4.5 Does Not Append Correctly Nor to Correct Files

Question

5.4.5 Does Not Append Correctly Nor to Correct Files

keithwoelke opened this issue 3 years ago · 1 comments

In https://github.com/ovh/debian-cis/blob/master/bin/hardening/5.4.5_default_timeout.sh, it seems like it SHOULD be appending to /etc/bash.bashrc, /etc/profile, and /etc/profile.d/*.sh, but instead it only appends to $FILE, which is /etc/profile.d/CIS_99.1_timeout.sh (and doesn't check the contents of that file before appending?)

$ cat /etc/profile.d/CIS_99.1_timeout.sh
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT
readonly TMOUT=600
export TMOUT

Answer 1 · 2021-10-15T14:29:07.000Z

Bug spotted in 5.4.5 file, adding bug label