On 8/29/14, 5:41 AM, Martin Preisler wrote:
----- Original Message -----
From: "Trey Henefield" trey.henefield@ultra-ats.com To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Thursday, August 28, 2014 9:28:34 PM Subject: RE: New report and guide in openscap 1.1.0
I had provided a comment a while back that I never heard back on.
"I am not sure if it has been mentioned, but I personally would find it useful to include details on the results.
For instance, considering a check that ensures all libraries meet certain permissions, it would be useful to identify all entries that are non-compliant, if failed.
We already do that for a lot of checks but not all. For example it's done for file permission checks.
Random Examples: "Verify and Correct File Permissions with RPM" "Verify that All World-Writable Directories Have Sticky Bits Set" "Ensure All Files Are Owned by a User" "Set Password Minimum Length in login.defs" ...
Is there any type of a check that is missing this functionality where it is essential?
Honestly, it'd be incredibly useful for all of them.
From the table on File Permissions with RPM, noticed the stylesheet
creates the "OVAL details" label. Tried searching through the OpenSCAP code to see how the XSLT gets this information to no avail: https://github.com/OpenSCAP/openscap/search?utf8=%E2%9C%93&q=%22OVAL+det...
Is there something we need to expose in content, or is the inclusion of test results accomplished via OpenSCAP?