[23:16] <sarnold> hallyn: hey :) we've got some CIS compliance tooling, eg https://ubuntu.com/security/certifications/docs/usg/cis/compliance -- I don't know how much we contribute to the CIS benchmarks themselves, but I wouldn't be surprised if we could communicate with them over specific pieces of bad advice
[23:17] <sarnold> hallyn: I wonder if that "solution" is specifically a tenable suggestion or a CIS suggestion; blindly running a sudo find .. -exec chmod seems like a horrible suggestion
[23:19] <konstruktoid> I know that a couple of Ubuntu folks comment and help update CIS benchmarks
[23:20] <konstruktoid> > hey sarnold - just wondering, do you know whether you all have any involvment with this: https://www.tenable.com/audits/items/DISA_STIG_Ubuntu_20.04_LTS_v1r5.audit:a9e7d4a8941a4fee48cbec0b5e72484a ?
[23:20] <konstruktoid> But this isn't CIS, but DISA STIG
[23:21] <sarnold> d'oh
[23:21] <sarnold> I saw 'stig' and then my mind went blank on the details
[23:22] <sarnold> we've got some disa stig compliance tools, too https://ubuntu.com/security/certifications/docs/disa-stig/audit
[23:22] <sarnold> thanks konstruktoid