Skip to content

Commit

Permalink
issue 23
Browse files Browse the repository at this point in the history
  • Loading branch information
krispayne authored Nov 30, 2016
1 parent 54b6408 commit b4866fa
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions ElCapitan_CIS.sh
Original file line number Diff line number Diff line change
Expand Up @@ -726,8 +726,14 @@ systemAccess() {

# 5.11 Disable ability to login to another user's active and locked session
# Level 1 Scored
# Need sed here to edit /etc/pam.d/screensaver
# I believe this is off by default.

if [[ $(grep -ic "group=admin,wheel fail_safe" /etc/pam.d/screensaver) -eq 0 ]]; then
ScriptLogging " Admins disabled from unlocking other users sessions."
else
ScriptLogging " Admins allowed to unlock other users sessions...."
sed -i.bak s/admin,//g /etc/pam.d/screensaver
ScriptLogging " Admins disabled from unlocking other users sessions."
fi

# 5.12 Create a custom message for the Login Screen
# Level 1 Scored
Expand Down

0 comments on commit b4866fa

Please sign in to comment.