github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-16 14:58:31 +00:00
Code Issues Projects Releases Wiki Activity

Let salt-minion read sensitive files.

Browse Source
This commit is contained in:
Mark Stemm
2017-11-08 13:42:24 -08:00
parent 2467766f07
commit 85f51cf38c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rules/falco_rules.yaml
View File

@@ -765,7 +765,7 @@
and not proc.name in (user_mgmt_binaries, userexec_binaries, package_mgmt_binaries, and not proc.name in (user_mgmt_binaries, userexec_binaries, package_mgmt_binaries,
cron_binaries, read_sensitive_file_binaries, shell_binaries, hids_binaries, cron_binaries, read_sensitive_file_binaries, shell_binaries, hids_binaries,
vpn_binaries, mail_config_binaries, nomachine_binaries, sshkit_script_binaries, vpn_binaries, mail_config_binaries, nomachine_binaries, sshkit_script_binaries,
in.proftpd, mandb) in.proftpd, mandb, salt-minion)
and not cmp_cp_by_passwd and not cmp_cp_by_passwd
and not ansible_running_python and not ansible_running_python
and not proc.cmdline contains /usr/bin/mandb and not proc.cmdline contains /usr/bin/mandb