class Inspec::Resources::SecurityPolicy
Public Class Methods
new(opts = {})
# File lib/inspec/resources/security_policy.rb, line 83
# Creates the resource.
#
# opts - options hash; only :translate_sid is read here. When it is truthy,
#        extract_value asks the target to resolve SIDs to account names.
#        Any falsy or missing value is stored as false.
def initialize(opts = {})
  requested = opts[:translate_sid]
  @translate_sid = requested ? requested : false
end
Public Instance Methods
content()
# File lib/inspec/resources/security_policy.rb, line 87
# Public accessor for the raw policy export; simply forwards to the private
# read_content and returns whatever it returns.
def content
  read_content
end
method_missing(name)
# File lib/inspec/resources/security_policy.rb, line 97
# Resolves any otherwise-undefined method name as a policy setting name.
#
# The name is looked up anywhere in the parsed policy hash (deep search).
# A setting that is absent yields nil rather than an error, so a misspelled
# setting name in a control also evaluates to nil; names listed in
# MS_PRIVILEGES_RIGHTS yield [] when absent.
def method_missing(name)
  policy = read_params
  return nil if policy.nil?

  # Mix deep_find into this hash instance so nested sections are searched.
  policy.extend Hashie::Extensions::DeepFind
  wanted = name.to_s
  found = policy.deep_find(wanted)
  return found unless found.nil?

  # An unset user-rights assignment is reported as an empty list.
  MS_PRIVILEGES_RIGHTS.include?(wanted) ? [] : found
end
params(*opts)
# File lib/inspec/resources/security_policy.rb, line 91
# Walks the parsed policy along the given keys and returns what is found.
#
# opts - zero or more keys, outermost first. With no keys the whole parsed
#        policy is returned. As soon as the current node does not respond to
#        :key, the walk continues with nil and the result is nil.
def params(*opts)
  node = read_params
  opts.each do |segment|
    node = node.respond_to?(:key) ? node[segment] : nil
  end
  node
end
to_s()
# File lib/inspec/resources/security_policy.rb, line 111
# Fixed human-readable label for this resource.
def to_s
  label = "Security Policy"
  label
end
Private Instance Methods
convert_hash(hash)
# File lib/inspec/resources/security_policy.rb, line 174
# Returns a new hash with every key stripped of surrounding whitespace and
# every value normalized: nested hashes are converted recursively, all other
# values go through extract_value (which receives the unstripped key).
def convert_hash(hash)
  hash.each_with_object({}) do |(raw_key, raw_value), converted|
    converted[raw_key.strip] =
      if raw_value.is_a?(Hash)
        convert_hash(raw_value)
      else
        extract_value(raw_key, raw_value)
      end
  end
end
extract_value(key, val)
Extracts the values. This method detects numbers and SIDs and optimizes them for further usage.
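# File lib/inspec/resources/security_policy.rb, line 150
# Normalizes one raw value from the parsed policy export.
#
# key - the setting name; a key containing a backslash is treated as a
#       registry value and its value is returned unsplit.
# val - the raw string value.
#
# Returns an Integer for all-digit values, an Array for SID lists and other
# comma-separated values, and a String for quoted or registry values.
def extract_value(key, val)
  if val =~ /^\d+$/
    val.to_i
  # special handling for SID array
  elsif val =~ /[,]{0,1}\*\S/
    val.split(",").map do |v|
      sid = v.sub("*S", "S")
      next sid unless @translate_sid

      # The entry is interpolated into a PowerShell command line below, and it
      # comes straight from the exported policy text. Only entries that are
      # syntactically a SID (S-<digits>-<digits>...) are sent for translation;
      # anything else is returned as-is, which is also what a failed
      # translation returned before.
      next sid unless sid =~ /\AS-\d+(?:-\d+)+\z/

      object_name = inspec.command("(New-Object System.Security.Principal.SecurityIdentifier(\"#{sid}\")).Translate( [System.Security.Principal.NTAccount]).Value").stdout.to_s.strip
      # Fall back to the SID when the target could not resolve a name.
      object_name.empty? ? sid : object_name
    end
  # special handling for string values with "
  elsif (m = /^\"(.*)\"$/.match(val))
    m[1]
  else
    # Registry values are not split, for backward compatibility.
    key.include?("\\") ? val : val.split(",")
  end
end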
read_content()
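# File lib/inspec/resources/security_policy.rb, line 117
# Exports the security policy on the target with secedit, reads the export
# back and caches its text in @content.
#
# Returns the cached text on later calls, nil when the export command fails,
# and the result of skip_resource when the export cannot be read.
def read_content
  # Cache hit: return before any command is issued. The cleanup below must
  # only run once an export file name exists; otherwise it would execute
  # "Remove-Item " with no path on every cached call.
  return @content if defined?(@content)

  # using process pid to prevent any race conditions with multiple runners
  # NOTE(review): this is the pid of the process running this code and the
  # path is relative, so the name is predictable and the file lands in
  # whatever directory the command runs in - confirm that directory is not
  # writable or readable by less-privileged users, since the file holds the
  # exported policy.
  export_file = "win_secpol-#{Process.pid}.cfg"

  begin
    # export the security policy
    cmd = inspec.command("secedit /export /cfg #{export_file}")
    return nil if cmd.exit_status.to_i != 0

    # store file content
    cmd = inspec.command("Get-Content #{export_file}")
    return skip_resource "Can't read security policy" if cmd.exit_status.to_i != 0

    @content = cmd.stdout
  ensure
    # delete temp file; the result is not checked, so a failed delete leaves
    # the export on disk without any report
    inspec.command("Remove-Item #{export_file}").exit_status.to_i
  end
end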
read_params()
# File lib/inspec/resources/security_policy.rb, line 137
# Parses the exported policy into a nested hash and caches it in @params.
#
# When read_content returns nil the cache is set to an empty hash, so later
# lookups find nothing rather than failing.
def read_params
  return @params if defined?(@params)

  if read_content.nil?
    @params = {}
  else
    # Lines are split at "=": the value is the run of non-whitespace
    # characters after it.
    parsed = SimpleConfig.new(
      @content,
      assignment_regex: /^\s*(.*)=\s*(\S*)\s*$/
    )
    @params = convert_hash(parsed.params)
  end
end