From d8b3a1c7bbb401972296464e49743c622c8811c4 Mon Sep 17 00:00:00 2001
From: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com>
Date: Tue, 22 Oct 2024 09:54:19 -0400
Subject: [PATCH] Fix CIS query (#23062)
---
ee/cis/macos-13/cis-policy-queries.yml | 18 ++++--------------
ee/cis/macos-14/cis-policy-queries.yml | 17 ++++-------------
2 files changed, 8 insertions(+), 27 deletions(-)
diff --git a/ee/cis/macos-13/cis-policy-queries.yml b/ee/cis/macos-13/cis-policy-queries.yml
index 5d1b1e9ba5..043d4bd418 100644
--- a/ee/cis/macos-13/cis-policy-queries.yml
+++ b/ee/cis/macos-13/cis-policy-queries.yml
@@ -3481,20 +3481,10 @@ spec:
2. The key to include is ShowOverlayStatusBar
3. The key must be set to:
query: |
- SELECT 1 WHERE
- EXISTS (
- SELECT 1 FROM managed_policies WHERE
- domain='com.apple.Safari' AND
- name='ShowOverlayStatusBar' AND
- (value = 1 OR value = 'true') AND
- username = ''
- )
- AND NOT EXISTS (
- SELECT 1 FROM managed_policies WHERE
- domain='com.apple.Safari' AND
- name='ShowOverlayStatusBar' AND
- (value != 1 AND value != 'true')
- );
+ SELECT 1 FROM managed_policies WHERE
+ domain='com.apple.Safari' AND
+ name='ShowOverlayStatusBar' AND
+ (value = 1 OR value = 'true');
purpose: Informational
tags: compliance, CIS, CIS_Level1
contributors: defensivedepth
diff --git a/ee/cis/macos-14/cis-policy-queries.yml b/ee/cis/macos-14/cis-policy-queries.yml
index 250f3acdba..1ad66a3a2e 100644
--- a/ee/cis/macos-14/cis-policy-queries.yml
+++ b/ee/cis/macos-14/cis-policy-queries.yml
@@ -3462,19 +3462,10 @@ spec:
2. The key to include is ShowOverlayStatusBar
3. The key must be set to:
query: |
- SELECT 1 WHERE
- EXISTS (
- SELECT 1 FROM managed_policies WHERE
- domain='com.apple.Safari' AND
- name='ShowOverlayStatusBar' AND
- (value = 1 OR value = 'true')
- )
- AND NOT EXISTS (
- SELECT 1 FROM managed_policies WHERE
- domain='com.apple.Safari' AND
- name='ShowOverlayStatusBar' AND
- (value != 1 AND value != 'true')
- );
+ SELECT 1 FROM managed_policies WHERE
+ domain='com.apple.Safari' AND
+ name='ShowOverlayStatusBar' AND
+ (value = 1 OR value = 'true');
purpose: Informational
tags: compliance, CIS, CIS_Level1
contributors: defensivedepth