From 535ea715a4bd3db4e7e4ca36ceae5f92c9f53cc9 Mon Sep 17 00:00:00 2001 From: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com> Date: Mon, 20 Mar 2023 11:50:35 -0400 Subject: [PATCH] Reformat MAC CIS 6.3.5 queries (#10560) --- ee/cis/macos-13/cis-policy-queries.yml | 44 ++++++++++++-------------- 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/ee/cis/macos-13/cis-policy-queries.yml b/ee/cis/macos-13/cis-policy-queries.yml index f18af5b701..9cdabd11da 100644 --- a/ee/cis/macos-13/cis-policy-queries.yml +++ b/ee/cis/macos-13/cis-policy-queries.yml @@ -2762,18 +2762,16 @@ spec: /Users//Library/Containers/com.apple.Safari/Data/Library/Preferences /com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int 130276 query: | - SELECT 1 WHERE - NOT EXISTS( - SELECT 1 FROM plist - WHERE path LIKE "/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist" - AND key = "WBSPrivacyProxyAvailabilityTraffic" - AND ((value >> 2) & 1) == 0 - ) - AND EXISTS( - SELECT 1 FROM plist - WHERE path LIKE "/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist" - AND key = "WBSPrivacyProxyAvailabilityTraffic" - AND ((value >> 2) & 1) == 1 + SELECT 1 WHERE NOT EXISTS ( + SELECT 1 FROM users AS u + LEFT JOIN ( + SELECT * FROM plist WHERE + path LIKE '/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist' AND + key = 'WBSPrivacyProxyAvailabilityTraffic' AND + ((value >> 2) & 1) = 1) AS p + ON p.path = CONCAT(u.directory, '/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist') + WHERE u.directory LIKE '/Users/%' AND + p.value IS NULL ); purpose: Informational tags: compliance, CIS, CIS_Level1, CIS-macos-13-6.3.5-enabled, decision-needed @@ -2797,18 +2795,16 @@ spec: /Users//Library/Containers/com.apple.Safari/Data/Library/Preferences /com.apple.Safari WBSPrivacyProxyAvailabilityTraffic -int 130272 query: | - SELECT 1 WHERE - NOT EXISTS( - SELECT 1 FROM plist - WHERE path LIKE "/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist" - AND key = "WBSPrivacyProxyAvailabilityTraffic" - AND ((value >> 2) & 1) == 1 - ) - AND EXISTS( - SELECT 1 FROM plist - WHERE path LIKE "/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist" - AND key = "WBSPrivacyProxyAvailabilityTraffic" - AND ((value >> 2) & 1) == 0 + SELECT 1 WHERE NOT EXISTS ( + SELECT 1 FROM users AS u + LEFT JOIN ( + SELECT * FROM plist WHERE + path LIKE '/Users/%/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist' AND + key = 'WBSPrivacyProxyAvailabilityTraffic' AND + ((value >> 2) & 1) = 0) AS p + ON p.path = CONCAT(u.directory, '/Library/Containers/com.apple.Safari/Data/Library/Preferences/com.apple.Safari.plist') + WHERE u.directory LIKE '/Users/%' AND + p.value IS NULL ); purpose: Informational tags: compliance, CIS, CIS_Level1, CIS-macos-13-6.3.5-disabled, decision-needed