gardenlinux icon indicating copy to clipboard operation
gardenlinux copied to clipboard
verified publisher icon gardenlinux

CIS Feature: Overall Review

Open gyptazy opened this issue 3 years ago • 0 comments

What would you like to be added: A final overall review of the new CIS feature should be done by someone else who wasn't working mainly (@gyptazy & @chrinorse) on this feature.

:small_red_triangle: Note: We can only start with the final review when all related task in #647 are completed. Do not start before! :small_red_triangle:

This should cover:

  • [ ] Validating the related changes to Garden Linux (OS related)
  • [ ] Validating the custom check scripts that have been added/modded (this was needed e.g. for replacing Tripwire with AIDE, AppArmor with SELinux, ..). These files can be found here: https://github.com/gardenlinux/gardenlinux/tree/main/features/cis/test/check_scripts
  • [ ] Validating the whitelisted checks (may be we can change some settings and perform checks, ...). These ones can be found here: https://github.com/gardenlinux/gardenlinux/tree/main/features/cis/test/conf.d
  • [ ] Validating that all scored checks are covered and handled in any way (Compare with https://learn.cisecurity.org/benchmarks)

Why is this needed: We need to make sure that we have really covered all action points and should have this reviewed by someone else.

gyptazy avatar Apr 29 '22 06:04 gyptazy