We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent f0a3f60 commit 9f4f071Copy full SHA for 9f4f071
1 file changed
controls/sysctl_spec.rb
@@ -437,8 +437,9 @@
437
impact 1.0
438
title 'Restrict ptrace attach to privileged users'
439
desc 'Ensure kernel.yama.ptrace_scope is set to at least 2 so unprivileged users cannot attach ptrace to arbitrary processes.'
440
- only_if { !container_execution }
+ # exclude SuSE because it does not have this parameter
441
+ only_if { !(container_execution || os.suse?) }
442
describe kernel_parameter('kernel.yama.ptrace_scope') do
- its(:value) { should eq(2).or eq(3).or eq(nil) } # include nil because SuSE does not have this parameter
443
+ its(:value) { should >= 2 }
444
end
445
0 commit comments