Ah my appologies, I did not see those checks. Very nice. I do have to say, it looks very beautifully structured. Great job!
Is it possible there could be a way to filter or toggle between failed items versus all items checked? It would be useful for SCAP content testing and for reassurance of what was checked.
Best regards,
Trey Henefield, CISSP Senior IAVA Engineer
Ultra Electronics Advanced Tactical Systems, Inc. 4101 Smith School Road Building IV, Suite 100 Austin, TX 78744 USA
Trey.Henefield@ultra-ats.com Tel: +1 512 327 6795 ext. 647 Fax: +1 512 327 8043 Mobile: +1 512 541 6450
www.ultra-ats.com
-----Original Message----- From: scap-security-guide-bounces@lists.fedorahosted.org [mailto:scap-security-guide-bounces@lists.fedorahosted.org] On Behalf Of Martin Preisler Sent: Friday, August 29, 2014 4:42 AM To: SCAP Security Guide Subject: Re: New report and guide in openscap 1.1.0
----- Original Message -----
From: "Trey Henefield" trey.henefield@ultra-ats.com To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Thursday, August 28, 2014 9:28:34 PM Subject: RE: New report and guide in openscap 1.1.0
I had provided a comment a while back that I never heard back on.
"I am not sure if it has been mentioned, but I personally would find it useful to include details on the results.
For instance, considering a check that ensures all libraries meet certain permissions, it would be useful to identify all entries that are non-compliant, if failed.
We already do that for a lot of checks but not all. For example it's done for file permission checks.
Random Examples: "Verify and Correct File Permissions with RPM" "Verify that All World-Writable Directories Have Sticky Bits Set" "Ensure All Files Are Owned by a User" "Set Password Minimum Length in login.defs" ...
Is there any type of a check that is missing this functionality where it is essential?
-- Martin Preisler -- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
Disclaimer The information contained in this communication from trey.henefield@ultra-ats.com sent at 2014-08-31 00:25:17 is confidential and may be legally privileged. It is intended solely for use by scap-security-guide@lists.fedorahosted.org and others authorized to receive it. If you are not scap-security-guide@lists.fedorahosted.org you are hereby notified that any disclosure, copying, distribution or taking action in reliance of the contents of this information is strictly prohibited and may be unlawful.