Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding for Azure Security Baseline v2's EnsurePasswordReuseIsLimited check remediation and consolidating audit #692

Merged
merged 19 commits into from
May 20, 2024
Merged

Adding for Azure Security Baseline v2's EnsurePasswordReuseIsLimited check remediation and consolidating audit #692

merged 19 commits into from
May 20, 2024

Conversation

MariusNi
Copy link
Contributor

@MariusNi MariusNi commented May 17, 2024
edited

Description

This PR started with ensuring the manner in which system files are not directly updated but instead, copied to a temporary copy, edited there then atomically renamed at the very end. Adding implementation for EnsurePasswordReuseIsLimited's remediation and consolidating audit, plus fixing implementation for the EnsureAvahiDaemonServiceIsDisabled and EnsureCupsServiceisDisabled's remediation, also adding several remediations based on added configuration files to disable certain components, under /etc/modprobe.d.

Checklist

  • I have read the contribution guidelines.
  • All unit tests are passing.
  • I have merged the latest main branch prior to this PR submission.
  • I submitted this PR against the main branch.

@MariusNi MariusNi requested a review from a team as a code owner May 17, 2024 17:37
AhmedBM
AhmedBM approved these changes May 17, 2024
View reviewed changes
Copy link
Contributor

@AhmedBM AhmedBM left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, but curious about the function expansions.

@MariusNi MariusNi changed the title Securing recently added ASB v2 remediation checks for updating PAM and other system files Adding for Azure Security Baseline v2's EnsurePasswordReuseIsLimited check remediation and consolidating audit May 17, 2024
@MariusNi MariusNi merged commit c0a18c6 into main May 20, 2024
19 checks passed
@MariusNi MariusNi deleted the MariusNi/OsConfig_ASB_May17_2024 branch May 20, 2024 17:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AhmedBM AhmedBM AhmedBM approved these changes

@simonjaeger simonjaeger simonjaeger approved these changes

@robertschaedler3 robertschaedler3 robertschaedler3 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@MariusNi @AhmedBM @simonjaeger @robertschaedler3