-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unable to check HKLM:\Security ACL #22
Comments
4da692c fixes this issue |
aaronlippold
added a commit
that referenced
this issue
Feb 10, 2020
* first simple pass for the profile * update 73615 to use Windows 2016 PS commands * change attributes to inputs * move attributes to inside the control code * updates related to legal notice text and caption * update 73221 to correct domain roles and AD check * update 73259 to check for DC role * update 73261 to account for DC role * update 73387 with inputs for MaxConnIdleTime * update LegalNoticeCaption input for 73649 * update 73607 check for DoD interoperabilty certs * update 78127 language * control updates to 73785 and 73803 * update 73783 * update 73775 to NOT a domain controller check * check for AD only system in 73771 * check for 73775 for AD only flag * read AD only flag for 73775 * check for AD in 73759 * update 73749 to use 'be_in' * update 73733 to use 'be_in' * update 73731 to use 'be_in' * minor edits to 73379 * check for SMBv1 in 78123 and 78125 * add check for no accounts or groups to 73783 * Update Review.md * Update Review.md * Update Review.md * address incorrect if statement issue #6 * fix incorrect NIST tag issue #7 * fix temporary account check. issue #8 * fixes issue #9 * Update Review.md * Update Review.md * Update Review.md * fix for issue #11 * Update Review.md * fix issue #12 * fix issue #13 * fix issue #13 * fix issue #17 * fix issue #18 * fix for issue #19 * fix issue #16: NIST tag duplication (#20) * v-73607: minor edit; v-73223: account all systems * update V-73231 * update V-73247 * update V-73391 * minor edit to v-73391 * update V-73391 to be more readable * update V-73249 * update v-73249 and v-73251 * update V-73249 and V-73251 * remove commented lines from V-73251 * update V-73253 * remove comments * update V-73255 * remove comments * update V-73369 * update V-73381 * update V-73375 * fixes issue #22 * update V-73255 for readability * control fixes so inspec v4.18 can run execute (#21) * control fixes so inspec v4.18 can run execute * update inspec.yml * fixes for issue #14 * fixes for issue #15 * fix for issue #14 Co-authored-by: Rony Xavier <rx294@nyu.edu> Co-authored-by: Aaron Lippold <lippold@gmail.com>
aaronlippold
added a commit
that referenced
this issue
Feb 10, 2020
* first simple pass for the profile * update 73615 to use Windows 2016 PS commands * change attributes to inputs * move attributes to inside the control code * updates related to legal notice text and caption * update 73221 to correct domain roles and AD check * update 73259 to check for DC role * update 73261 to account for DC role * update 73387 with inputs for MaxConnIdleTime * update LegalNoticeCaption input for 73649 * update 73607 check for DoD interoperabilty certs * update 78127 language * control updates to 73785 and 73803 * update 73783 * update 73775 to NOT a domain controller check * check for AD only system in 73771 * check for 73775 for AD only flag * read AD only flag for 73775 * check for AD in 73759 * update 73749 to use 'be_in' * update 73733 to use 'be_in' * update 73731 to use 'be_in' * minor edits to 73379 * check for SMBv1 in 78123 and 78125 * add check for no accounts or groups to 73783 * Update Review.md * Update Review.md * Update Review.md * address incorrect if statement issue #6 * fix incorrect NIST tag issue #7 * fix temporary account check. issue #8 * fixes issue #9 * Update Review.md * Update Review.md * Update Review.md * fix for issue #11 * Update Review.md * fix issue #12 * fix issue #13 * fix issue #13 * fix issue #17 * fix issue #18 * fix for issue #19 * fix issue #16: NIST tag duplication (#20) * v-73607: minor edit; v-73223: account all systems * update V-73231 * update V-73247 * update V-73391 * minor edit to v-73391 * update V-73391 to be more readable * update V-73249 * update v-73249 and v-73251 * update V-73249 and V-73251 * remove commented lines from V-73251 * update V-73253 * remove comments * update V-73255 * remove comments * update V-73369 * update V-73381 * update V-73375 * fixes issue #22 * update V-73255 for readability * control fixes so inspec v4.18 can run execute (#21) * control fixes so inspec v4.18 can run execute * update inspec.yml * fixes for issue #14 * fixes for issue #15 * fix for issue #14 * update check, fix tags to use new desc format (#23) Co-authored-by: Krishna Kola <kkola@digitalinfuzion.com> Co-authored-by: Rony Xavier <rx294@nyu.edu>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/mitre/stig-microsoft-windows-server-2016-v1r4-baseline/blob/4e835f41b8153ed1b9b1e381a5754ba75d0d2f64/controls/V-73255.rb#L109-L124
The other keys like
HKLM:\Software
andHKLM:System
return their ACLs when executing Get-ACLThe text was updated successfully, but these errors were encountered: