----- Original Message -----
From: "Trey Henefield" trey.henefield@ultra-ats.com To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Thursday, August 28, 2014 9:28:34 PM Subject: RE: New report and guide in openscap 1.1.0
I had provided a comment a while back that I never heard back on.
"I am not sure if it has been mentioned, but I personally would find it useful to include details on the results.
For instance, considering a check that ensures all libraries meet certain permissions, it would be useful to identify all entries that are non-compliant, if failed.
We already do that for a lot of checks but not all. For example it's done for file permission checks.
Random Examples: "Verify and Correct File Permissions with RPM" "Verify that All World-Writable Directories Have Sticky Bits Set" "Ensure All Files Are Owned by a User" "Set Password Minimum Length in login.defs" ...
Is there any type of a check that is missing this functionality where it is essential?