On 11/13/2014 06:20 PM, Shawn Wells wrote:
On 11/13/14, 8:52 AM, Martin Preisler wrote:
----- Original Message -----
From: "Gabe Alford" redhatrises@gmail.com
To: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org
Sent: Thursday, November 13, 2014 2:05:40 PM
Subject: Re: Waiver support in HTML report
Really like the new feature! One thing is how do I remove a waiver, e.g. what if I accidentally add a waiver to the wrong rule?
Right now you can't, but this is a planned feature. There will be a waiver removal callback that integrations can set. I will most likely not add waiver modification; if you need waiver modification, you can always remove a waiver and add a new one.
In an earlier thread someone mentioned setting a "waiver expiration" concept. This would be INCREDIBLY useful, but would this be better discussed for SCAPtimony integration?
As a sample use case... During many C&A efforts, I've had a control assessor find something I've overlooked. An example would be setting the system login banners -- sometimes on small, compartmentalized networks, setting the login banner is more a formality to pass a compliance check than a meaningful legal countermeasure. So they grant ATO given that I must fix the finding within 5-10 days. In such a scenario, I load up the SCAP report and click "add waiver." I select an "expires on" date, which somehow integrates into SCAPtimony. As that date approaches I get nag screens.
Would something like this be achievable? And if so, should an RFE be filed to the SCAPtimony GitHub page or somewhere else?
Very nice idea Shawn!
I have added it to the list of planned features.
https://github.com/OpenSCAP/scaptimony/commit/6caf6b39c3771b1cecc2f67ec656ee...
Thanks!