| === chris14_ is now known as chris14 | ||
| sarnold | hallyn: hey :) we've got some CIS compliance tooling, eg https://ubuntu.com/security/certifications/docs/usg/cis/compliance -- I don't know how much we contribute to the CIS benchmarks themselves, but I wouldn't be surprised if we could communicate with them over specific pieces of bad advice | 23:16 |
|---|---|---|
| sarnold | hallyn: I wonder if that "solution" is specifically a tenable suggestion or a CIS suggestion; blindly running a sudo find .. -exec chmod seems like a horrible suggestion | 23:17 |
| konstruktoid | I know that a couple of Ubuntu folks comment and help update CIS benchmarks | 23:19 |
| konstruktoid | > hey sarnold - just wondering, do you know whether you all have any involvment with this: https://www.tenable.com/audits/items/DISA_STIG_Ubuntu_20.04_LTS_v1r5.audit:a9e7d4a8941a4fee48cbec0b5e72484a ? | 23:20 |
| konstruktoid | But this isn't CIS, but DISA STIG | 23:20 |
| sarnold | d'oh | 23:21 |
| sarnold | I saw 'stig' and then my mind went blank on the details | 23:21 |
| sarnold | we've got some disa stig compliance tools, too https://ubuntu.com/security/certifications/docs/disa-stig/audit | 23:22 |
| sarnold | thanks konstruktoid | 23:22 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!