Merge pull request mvdbent#5 from davidyoondrums/main

Permission changed to 400 to satisfy Jamf Protect Insight
monodata · Nov 11, 2021 · a5d2bd8 · a5d2bd8
2 parents 2228636 + d5ec488
commit a5d2bd8
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/Fragments/OrgScores/OrgScore3_4.sh b/Fragments/OrgScores/OrgScore3_4.sh
@@ -28,7 +28,7 @@ if [[ "${auditResult}" == "1" ]]; then
 			cp /etc/security/audit_control /etc/security/audit_control_old
 			oldExpireAfter=$(grep -E "expire-after" /etc/security/audit_control)
 			sed "s/${oldExpireAfter}/expire-after:60d OR 1G/g" /etc/security/audit_control_old > /etc/security/audit_control
-			chmod 644 /etc/security/audit_control
+			chmod 400 /etc/security/audit_control
 			chown root:wheel /etc/security/audit_control
 			# re-check
 			auditRetention="$(grep -c "expire-after:60d OR 1G" /etc/security/audit_control)"	

diff --git a/Fragments/OrgScores/OrgScore3_5.sh b/Fragments/OrgScores/OrgScore3_5.sh
@@ -28,7 +28,7 @@ if [[ "${auditResult}" == "1" ]]; then
 		# Remediation
 		if [[ "${remediateResult}" == "enabled" ]]; then
 			chown -R root:wheel /var/audit
-			chmod -R 440 /var/audit
+			chmod -R 400 /var/audit
 			chown root:wheel /etc/security/audit_control
 			chmod 400 /etc/security/audit_control
 			# re-check