Extend with kernel-config-checker plugin

[nettrino]

It will be nice to pull kernel config options statically as performed by the kernel-config-checker plugin as well as to try and verify several settings dynamically. This is usefule as in come cases, such as in certain cloud deployments some security settings are not enforced regardless of config.

[Wenzel]

Looking at kcc, it doesn't have JSON output format, so it woud be difficult to load the data in the security hook, like we do with checksec:
https://github.com/Wenzel/oswatcher/blob/master/hooks/security.py#L31

However, kcc is a very small, project, adding support for a docopt command line and JSON output should not be difficult.

What do you think ?
Would you rather parse the text output in the OSWatcher hook ?

[nettrino]

This is what I had done for the blog post (I can point you to the link internally) - either is fine, we could just put in a PR for json output to be more consistent, parsing is probably faster

[Wenzel]

Actually this one is more maintained:
https://github.com/a13xp0p0v/kconfig-hardened-check

I opened an issue there
a13xp0p0v/kernel-hardening-checker#20