From af7915c01f19a5ad095d3ddb9a1bf87e09701fe5 Mon Sep 17 00:00:00 2001 From: zzh Date: Fri, 16 Aug 2024 18:24:18 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AE=89=E5=85=A8=E5=9F=BA?= =?UTF-8?q?=E7=BA=BF=E6=A3=80=E6=9F=A5=E7=9B=B8=E5=85=B3=E5=91=BD=E4=BB=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../baseline/OPENGAUSS.G_1/OPENGAUSS.O_6.G_1.R_4.md | 2 +- .../baseline/OPENGAUSS.G_2/OPENGAUSS.O_6.G_2.R_2.md | 2 +- ...05\250\351\205\215\347\275\256\345\237\272\347\272\277.md" | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/secure-configuration-benchmark/baseline/OPENGAUSS.G_1/OPENGAUSS.O_6.G_1.R_4.md b/secure-configuration-benchmark/baseline/OPENGAUSS.G_1/OPENGAUSS.O_6.G_1.R_4.md index 4b159d1..5ea244b 100644 --- a/secure-configuration-benchmark/baseline/OPENGAUSS.G_1/OPENGAUSS.O_6.G_1.R_4.md +++ b/secure-configuration-benchmark/baseline/OPENGAUSS.G_1/OPENGAUSS.O_6.G_1.R_4.md @@ -31,7 +31,7 @@ OPENGAUSS.O_6.G_1.R_4 执行如下SQL语句检查是否存在不限制连接数的数据库: ```sql -SELECT datname FROM pg_database WHERE datistemplate = false AND datconnlimit = -1; +SELECT datname FROM pg_database WHERE datistemplate = false AND (datconnlimit = -1 OR datconnlimit > 1024); ``` **修复方法:** diff --git a/secure-configuration-benchmark/baseline/OPENGAUSS.G_2/OPENGAUSS.O_6.G_2.R_2.md b/secure-configuration-benchmark/baseline/OPENGAUSS.G_2/OPENGAUSS.O_6.G_2.R_2.md index 32264c9..eda2326 100644 --- a/secure-configuration-benchmark/baseline/OPENGAUSS.G_2/OPENGAUSS.O_6.G_2.R_2.md +++ b/secure-configuration-benchmark/baseline/OPENGAUSS.G_2/OPENGAUSS.O_6.G_2.R_2.md @@ -30,7 +30,7 @@ OPENGAUSS.O_6.G_2.R_2 执行如下 shell 命令,如果返回 `${GAUSSHOME}/share` 目录则失败。 ```bash -find ${GAUSSHOME}/share -prune -type d \( -perm -g=w -o -perm -o=w \) -exec ls -ld {} \; +find ${GAUSSHOME}/share -prune -perm /g=rwx,o=rwx ``` **修复方法:** diff --git "a/secure-configuration-benchmark/release/openGauss\345\256\211\345\205\250\351\205\215\347\275\256\345\237\272\347\272\277.md" "b/secure-configuration-benchmark/release/openGauss\345\256\211\345\205\250\351\205\215\347\275\256\345\237\272\347\272\277.md" index ec2b7af..7fcc8a8 100644 --- "a/secure-configuration-benchmark/release/openGauss\345\256\211\345\205\250\351\205\215\347\275\256\345\237\272\347\272\277.md" +++ "b/secure-configuration-benchmark/release/openGauss\345\256\211\345\205\250\351\205\215\347\275\256\345\237\272\347\272\277.md" @@ -181,7 +181,7 @@ OPENGAUSS.O_6.G_1.R_4 执行如下SQL语句检查是否存在不限制连接数的数据库: ```sql -SELECT datname FROM pg_database WHERE datistemplate = false AND datconnlimit = -1; +SELECT datname FROM pg_database WHERE datistemplate = false AND (datconnlimit = -1 OR datconnlimit > 1024); ``` **修复方法:** @@ -727,7 +727,7 @@ OPENGAUSS.O_6.G_2.R_2 执行如下 shell 命令,如果返回 `${GAUSSHOME}/share` 目录则失败。 ```bash -find ${GAUSSHOME}/share -prune -type d \( -perm -g=w -o -perm -o=w \) -exec ls -ld {} \; +find ${GAUSSHOME}/share -prune -perm /g=rwx,o=rwx ``` **修复方法:** -- Gitee