mirror of
https://github.com/fleetdm/fleet
synced 2026-05-22 16:39:01 +00:00
02437a098e
Closes: #19271 Closes: #19286 Changes: - Updated the example in the schema folder readme - Updated the block scalar used in Fleet's osquery override documentation (`>-` » `|-`) and removed extra newlines - Updated the block scalar used in URLs used to create new yaml override files - Regenerated osqeury_fleet_schema.json
11 lines
331 B
YAML
11 lines
331 B
YAML
name: suid_bin
|
|
examples: |-
|
|
Identify unsigned executables with suid privileges.
|
|
|
|
```
|
|
SELECT s.path, s.username, s.permissions, sig.signed, sig.team_identifier, sig.authority FROM suid_bin s JOIN signature sig on s.path = sig.path WHERE sig.signed='0';
|
|
```
|
|
columns:
|
|
- name: pid_with_namespace
|
|
platforms:
|
|
- linux
|