From 4a07f87e6fdcb0b40b2b8ff35b3403857ff0fdb0 Mon Sep 17 00:00:00 2001
From: Huang Huang <mozillazg101@gmail.com>
Date: Wed, 11 Dec 2019 02:57:07 +0800
Subject: [PATCH] Fix remediations about file permission (#534)

* Fix remediation of 2.2.3 in cis-1.3

* Fix remediation of 4.1.1 in cis-1.5
---
 cfg/cis-1.3/node.yaml | 2 +-
 cfg/cis-1.5/node.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cfg/cis-1.3/node.yaml b/cfg/cis-1.3/node.yaml
index e8e0d9f..be93267 100644
--- a/cfg/cis-1.3/node.yaml
+++ b/cfg/cis-1.3/node.yaml
@@ -423,7 +423,7 @@ groups:
     remediation: |
       Run the below command (based on the file location on your system) on the each worker
       node. For example,
-      chmod 755 $kubeletsvc
+      chmod 644 $kubeletsvc
     scored: true
 
   - id: 2.2.4
diff --git a/cfg/cis-1.5/node.yaml b/cfg/cis-1.5/node.yaml
index ba2a81d..31646f1 100644
--- a/cfg/cis-1.5/node.yaml
+++ b/cfg/cis-1.5/node.yaml
@@ -32,7 +32,7 @@ groups:
     remediation: |
       Run the below command (based on the file location on your system) on the each worker node. 
       For example, 
-      chmod 755 $kubeletsvc 
+      chmod 644 $kubeletsvc 
     scored: true
 
   - id: 4.1.2
-- 
GitLab