Skip to content
Snippets Groups Projects
Commit 3b1292db0572 authored by jfp's avatar jfp
Browse files

Fix class 05, don't get all_users at import time

parent f189a61c23d2
Branches
No related tags found
No related merge requests found
...@@ -2,5 +2,4 @@ ...@@ -2,5 +2,4 @@
__version__ = '1.0' __version__ = '1.0'
from .common import level_rule from .common import level_rule
import os, os.path
from ovms.rtl import lib from ovms.rtl import lib
...@@ -6,4 +5,4 @@ ...@@ -6,4 +5,4 @@
from ovms.rtl import lib from ovms.rtl import lib
from ovms import syidef, uaidef, prvdef, dvidef, ossdef from ovms import syidef, uaidef
from ovms import user from ovms import user
from ovms import starlet from ovms import starlet
...@@ -8,6 +7,4 @@ ...@@ -8,6 +7,4 @@
from ovms import user from ovms import user
from ovms import starlet from ovms import starlet
from ovms import itemList
from ovms import crtl
maxsysgroup = lib.getsyi(syidef.SYI__MAXSYSGROUP)[1] maxsysgroup = lib.getsyi(syidef.SYI__MAXSYSGROUP)[1]
...@@ -12,6 +9,6 @@ ...@@ -12,6 +9,6 @@
maxsysgroup = lib.getsyi(syidef.SYI__MAXSYSGROUP)[1] maxsysgroup = lib.getsyi(syidef.SYI__MAXSYSGROUP)[1]
all_users = user.all_users() all_users = None
def cmp(a, b): def cmp(a, b):
...@@ -26,8 +23,9 @@ ...@@ -26,8 +23,9 @@
prematurely abort the system login sequence. This may prevent certain prematurely abort the system login sequence. This may prevent certain
procedures from being executed during login which may be required for this procedures from being executed during login which may be required for this
site.""" site."""
global all_users
if not fmt: if not fmt:
print('Rule 0501', file=fo) print('Rule 0501', file=fo)
print('=========', file=fo) print('=========', file=fo)
...@@ -29,8 +27,11 @@ ...@@ -29,8 +27,11 @@
if not fmt: if not fmt:
print('Rule 0501', file=fo) print('Rule 0501', file=fo)
print('=========', file=fo) print('=========', file=fo)
if all_users is None:
all_users = user.all_users()
for u in list(all_users.values()): for u in list(all_users.values()):
if not (u.flags & uaidef.UAI_M_DISCTLY): if not (u.flags & uaidef.UAI_M_DISCTLY):
if fmt: if fmt:
...@@ -46,6 +47,10 @@ ...@@ -46,6 +47,10 @@
This allows these accounts to change the default Command Language Interpreter This allows these accounts to change the default Command Language Interpreter
(CLI ) or CLI tables which may have undesirable consequences. (CLI ) or CLI tables which may have undesirable consequences.
It may also allow these accounts to avert any security monitoring during use.""" It may also allow these accounts to avert any security monitoring during use."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -68,6 +73,10 @@ ...@@ -68,6 +73,10 @@
it be assigned a system level UIC. In addition, it is recommended that a it be assigned a system level UIC. In addition, it is recommended that a
user of a captive account not be allowed to change the password for that user of a captive account not be allowed to change the password for that
account -- The LOCKPWD flag should be set.""" account -- The LOCKPWD flag should be set."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -93,6 +102,10 @@ ...@@ -93,6 +102,10 @@
it be assigned a system level UIC. In addition, its PRCLM quota should be it be assigned a system level UIC. In addition, its PRCLM quota should be
set to zero in order to prevent such a user to spawn out of the restricted set to zero in order to prevent such a user to spawn out of the restricted
environment.""" environment."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -118,6 +131,10 @@ ...@@ -118,6 +131,10 @@
these accounts are inactive and, therefore, may be unnecessary. They also these accounts are inactive and, therefore, may be unnecessary. They also
present a potential security risk in that unauthorized users may attempt to present a potential security risk in that unauthorized users may attempt to
gain access to the system using these accounts.""" gain access to the system using these accounts."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -143,6 +160,10 @@ ...@@ -143,6 +160,10 @@
Stale accounts can present opportunities to penetrate the system. Stale accounts can present opportunities to penetrate the system.
These may be stale accounts which are no longer needed. They may also be These may be stale accounts which are no longer needed. They may also be
utilized as a means to gain unauthorized access to the system.""" utilized as a means to gain unauthorized access to the system."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -169,6 +190,10 @@ ...@@ -169,6 +190,10 @@
Improperly defined and maintained user accounts presents opportunities Improperly defined and maintained user accounts presents opportunities
to penetrate the system, thus giving an unauthorized user access to the system to penetrate the system, thus giving an unauthorized user access to the system
resources.""" resources."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -190,6 +215,10 @@ ...@@ -190,6 +215,10 @@
Improperly defined and maintained user accounts present opportunities Improperly defined and maintained user accounts present opportunities
to penetrate the system, thus giving an unauthorized user access to the system to penetrate the system, thus giving an unauthorized user access to the system
resources.""" resources."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
...@@ -214,6 +243,10 @@ ...@@ -214,6 +243,10 @@
of the site. Improperly defined Login related SYSGEN parameters can result of the site. Improperly defined Login related SYSGEN parameters can result
in the compromise of the operating system environment, and compromise the in the compromise of the operating system environment, and compromise the
confidentiality of customer data.""" confidentiality of customer data."""
global all_users
if all_users is None:
all_users = user.all_users()
if not fmt: if not fmt:
print('', file=fo) print('', file=fo)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment