Add policies (#6158)

* Adding policy query to check firewall on Mac

This commit closes https://github.com/fleetdm/confidential/issues/1410 once merged.

* Adding policies

This commit closes https://github.com/fleetdm/confidential/issues/1412. Right now there is no way to check the screenlock so instead we check if a profile for screenlock is there.

https://github.com/fleetdm/confidential/issues/1410 also closed by this.

* Update constants.ts

Fixed space

* Resolution text fix for new policies

Fixed copy based on @zhumo's comments!
Guillaume Ross 2022-06-09 15:20:30 -04:00 committed by GitHub
parent 1874a30a40
commit 38aaaffd65
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 43 additions and 2 deletions


@ -677,8 +677,6 @@ spec:
tags: compliance, ssh, built-in
contributors: GuillaumeRoss
platform: darwin,linux,windows
contributors: GuillaumeRoss
---
apiVersion: v1
kind: policy
@ -690,3 +688,27 @@ spec:
platforms: Windows
tags: malware, hunting
contributors: kswagler-rh
---
apiVersion: v1
kind: policy
spec:
name: Firewall enabled (macOS)
query: SELECT 1 FROM alf WHERE global_state >= 1;
description: "Checks if the firewall is enabled."
resolution: "In System Preferences, open Security & Privacy, navigate to the Firewall tab and click Turn On Firewall."
platforms: macOS
tags: hardening, compliance, built-in
platform: darwin
contributors: GuillaumeRoss
---
apiVersion: v1
kind: policy
spec:
name: Screen lock enabled via MDM profile (macOS)
query: SELECT 1 FROM managed_policies WHERE name='askForPassword' AND value='1';
description: "Checks that a MDM profile configures the screen lock."
resolution: "Contact your IT administrator to help you enroll your computer in your organization's MDM. If already enrolled, ask your IT administrator to enable the screen lock feature in the profile configuration."
platforms: macOS
tags: compliance, hardening, built-in
platform: darwin
contributors: GuillaumeRoss
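Review bot: The screen-lock policy passes as soon as any managed preference named `askForPassword` has the value `1`, so a host whose profile sets a very long `askForPasswordDelay`, or no idle timeout at all, is still reported as compliant. The query also does not pin the preference domain; assuming the profile uses the standard screensaver payload, `query: SELECT 1 FROM managed_policies WHERE domain='com.apple.screensaver' AND name='askForPassword' AND value='1';` would avoid matching an unrelated key of the same name. A companion check on `askForPasswordDelay` against the organisation's own limit would make the result mean "locks promptly" rather than "a profile exists", and the description should say which of the two is being tested. The same query is repeated in `DEFAULT_POLICIES` (key 14) in the second file and needs the same change.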


@ -140,6 +140,25 @@ export const DEFAULT_POLICIES = [
"To enable System Integrity Protection, on the failing device, run the following command in the Terminal app: /usr/sbin/spctl --master-enable.",
platform: "darwin",
},
{
key: 13,
query: "SELECT 1 FROM alf WHERE global_state >= 1;",
name: "Firewall enabled (macOS)",
description: "Checks if the firewall is enabled.",
resolution:
"In System Preferences, open Security & Privacy, navigate to the Firewall tab and click Turn On Firewall.",
platform: "darwin",
},
{
key: 14,
query:
"SELECT 1 FROM managed_policies WHERE name='askForPassword' AND value='1';",
name: "Screen lock enabled via MDM profile (macOS)",
description: "Checks that a MDM profile configures the screen lock",
resolution:
"Contact your IT administrator to help you enroll your computer in your organization's MDM. If already enrolled, ask your IT administrator to enable the screen lock feature in the profile configuration.",
platform: "darwin",
},
] as IPolicyNew[];
export const FREQUENCY_DROPDOWN_OPTIONS = [
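Review bot: The `description` for key 14 drops the trailing period that key 13 and the YAML copy of this policy carry, and reads "a MDM" where "an MDM" is meant; `description: "Checks that an MDM profile configures the screen lock.",` would bring it in line. The query, description and resolution strings for keys 13 and 14 are duplicated by hand from the YAML policy library, so a short comment above the new entries, for example `// Keep in sync with the matching entries in the standard query library YAML.`, would help prevent the two copies drifting apart. `DEFAULT_POLICIES` starts outside the hunk, so whether earlier entries already carry such a comment cannot be seen from here.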