Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

macos: password_policy table, use -1 as sentinel value for uid column #7699

Merged
merged 1 commit into from
Jul 28, 2022
Merged

macos: password_policy table, use -1 as sentinel value for uid column #7699

merged 1 commit into from
Jul 28, 2022

Conversation

sharvilshah
Copy link
Member

uid is now -1 for global password policies.

Addresses #7688

@sharvilshah sharvilshah requested review from a team as code owners July 21, 2022 15:28
directionless
directionless approved these changes Jul 21, 2022
View reviewed changes
Copy link
Member

@directionless directionless left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this do the right thing for where uid = -1 ?

@mike-myers-tob mike-myers-tob added virtual tables macOS ready for review Pull requests that are ready to be reviewed by a maintainer labels Jul 21, 2022
@sharvilshah
Copy link
Member Author

Does this do the right thing for where uid = -1 ?

osquery> select * from password_policy;
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
| uid | policy_identifier                                                       | policy_content                                                 | policy_description                                        |
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
| -1  | ProfilePayload:683bc67c-5069-4b85-ba8e-f0fbef595e39:minLength           | policyAttributePassword matches '.{10,}'                       | Contain at least 10 characters.                           |
| -1  | com.apple.defaultpasswordpolicy.fde                                     | policyAttributePassword matches '.{4,}+'                       | Enter a password that is four characters or more.         |
| -1  | ProfilePayload:683bc67c-5069-4b85-ba8e-f0fbef595e39:requireAlphanumeric | policyAttributePassword matches '^(?=.*[0-9])(?=.*[a-zA-Z]).+' | Contain at least one number and one alphabetic character. |
| 502 | com.apple.policy.legacy.minChars                                        | policyAttributePassword matches '.{12,}?'                      | Must be a minimum of 12 characters in length              |
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
osquery> select * from password_policy where uid = -1;
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
| uid | policy_identifier                                                       | policy_content                                                 | policy_description                                        |
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
| -1  | ProfilePayload:683bc67c-5069-4b85-ba8e-f0fbef595e39:minLength           | policyAttributePassword matches '.{10,}'                       | Contain at least 10 characters.                           |
| -1  | com.apple.defaultpasswordpolicy.fde                                     | policyAttributePassword matches '.{4,}+'                       | Enter a password that is four characters or more.         |
| -1  | ProfilePayload:683bc67c-5069-4b85-ba8e-f0fbef595e39:requireAlphanumeric | policyAttributePassword matches '^(?=.*[0-9])(?=.*[a-zA-Z]).+' | Contain at least one number and one alphabetic character. |
+-----+-------------------------------------------------------------------------+----------------------------------------------------------------+-----------------------------------------------------------+
osquery> select * from password_policy where uid != -1;
+-----+----------------------------------+-------------------------------------------+----------------------------------------------+
| uid | policy_identifier                | policy_content                            | policy_description                           |
+-----+----------------------------------+-------------------------------------------+----------------------------------------------+
| 502 | com.apple.policy.legacy.minChars | policyAttributePassword matches '.{12,}?' | Must be a minimum of 12 characters in length |
+-----+----------------------------------+-------------------------------------------+----------------------------------------------+

Yep!

@Smjert Smjert mentioned this pull request Jul 21, 2022
Merged
@sharvilshah sharvilshah merged commit 6c5c27a into osquery:master Jul 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@directionless directionless directionless approved these changes

Assignees
No one assigned
Labels
macOS ready for review Pull requests that are ready to be reviewed by a maintainer virtual tables
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@sharvilshah @directionless @mike-myers-tob