Unix Compliance Check Command Chain Errors
Summary:
To audit a Unix system, a number of commands are run to gather information from various files or process sources. We identified a number of checks that use shared functions which may have provided false positive or false negative results if a command in an upstream function returned an error.
Most of these errors should be related to permissions, timeouts, connection failures, or an inability of the command to return to the command prompt.
This fix is put in place to provide a WARNING when any command in the evaluation of the check causes an error.
As an example, without this update, if an SSH connection failed during the execution of a file content check, the compliance result was presented as a failure with a message like "The file XXXXX could not be found." This was inaccurate: the message seemed to convey that the scan had not found the file, when the actual issue was that the scan could not evaluate the file due to a broken connection.
Going forward, this scenario would result in a compliance result of WARNING and a message captured from the failing command in the chain.
Potential Impacts:
Any audit item that took advantage of the passive error condition to provide results may either flip its result or start producing an error condition.
Tenable Plugins:
21157 - Unix Compliance Plugin
Target Release Date:
2 November 2020
Additional Notes:
------------------------------------------------------------------------------------------------
Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.
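The file content check scenario from the summary, as an added shell illustration of the three-way result (this is not Tenable plugin code). The names check_file_content and READ_CMD are hypothetical; READ_CMD stands in for the transport that fetches the file, and the existence test runs on the local filesystem.

```shell
#!/bin/sh
# Added illustration, not Tenable plugin code. check_file_content and READ_CMD
# are hypothetical names; READ_CMD stands in for the transport (for example an
# SSH session) that fetches the file from the audited host.

# Prints "PASSED: ...", "FAILED: ..." or "WARNING: ...". The body runs in a
# subshell so its variables do not leak into the caller.
check_file_content() (
    file=$1
    pattern=$2
    out=$(mktemp) && err=$(mktemp) || { echo "WARNING: cannot create temp files"; exit 0; }

    dir=$(dirname -- "$file")
    if [ ! -e "$file" ]; then
        # "Not found" is only a finding when the parent directory could be
        # searched; otherwise the existence of the file is unknown.
        if [ -d "$dir" ] && [ -x "$dir" ]; then
            result="FAILED: $file could not be found"
        else
            result="WARNING: cannot search $dir, existence of $file unknown"
        fi
    elif ! ${READ_CMD:-cat} "$file" >"$out" 2>"$err"; then
        # Upstream command failed (permissions, timeout, broken connection):
        # report its own message instead of a compliance verdict.
        result="WARNING: read failed: $(head -n 1 "$err")"
    else
        # grep exits 0 on a match, 1 on no match, >1 on an error. Only 0 and 1
        # are compliance answers.
        rc=0
        grep -Eq -- "$pattern" "$out" 2>"$err" || rc=$?
        case $rc in
            0) result="PASSED: pattern found in $file" ;;
            1) result="FAILED: pattern not found in $file" ;;
            *) result="WARNING: grep error: $(head -n 1 "$err")" ;;
        esac
    fi
    rm -f "$out" "$err"
    echo "$result"
)
```

Each step's exit status is inspected separately rather than through a pipeline, because a pipeline reports only the status of its last command and an upstream read error would look like "pattern not found".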