Archive

Posts Tagged ‘Information Security’

CIS RHEL hardening script – fixing non-working Sed expressions (unknown option to `s’)

October 30, 2015 Leave a comment

I do not know what they were thinking about (and testing!) but the sed regular expressions below did not work on neither of my instances of RHEL (CIS remediation script version 1.4.0):

# Set nodev option for /tmp Partition
echo
echo \*\*\*\* Set\ nodev\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2nodev\3\4/” /etc/fstab

# Set nosuid option for /tmp Partition
echo
echo \*\*\*\* Set\ nosuid\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2nosuid\3\4/” /etc/fstab

# Set noexec option for /tmp Partition
echo
echo \*\*\*\* Set\ noexec\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2noexec\3\4/” /etc/fstab

All of them were throwing a very annoying:

sed: -e expression #1, char 61: unknown option to `s'

Read more…

Advertisements

Legal aspects of non-repudiation in digital world

September 25, 2015 Leave a comment

Just read an interesting research paper on various aspects of non-repudiation in the context of digital environments .

Authors discuss legal aspects in different legal systems and come to a conclusion that:

… deployment of a trusted computing system for digital signatures is the only secure option, resulting in a legal position where the onus of proof for the electronic environment is equivalent to the paper-based environment. If a trusted computing system is used to affect a digital signature, then and only then can the onus of proof lie with the recipient in the same manner that exits in the paper-based world. Without a trusted computing system, neither party – the signer or the recipient – is in a position to produce the necessary evidence to prove their respective case.

MCCULLAGH, Adrian; CAELLI, William. Non-repudiation in the digital environment. First Monday, [S.l.], aug. 2000. ISSN 13960466. Available at: <http://www.firstmonday.org/ojs/index.php/fm/article/view/778/687>.

p.s. Not that I really enjoy reading this sort of essays but this one came really useful while I was working on a RFP response…

Categories: Security Tags: