----- Original Message -----
From: "Shawn Wells" <shawn(a)redhat.com>
To: scap-security-guide(a)lists.fedorahosted.org
Sent: Wednesday, May 14, 2014 6:32:03 PM
Subject: [PATCH 0/5] RHEL6 bugfixes
Various bugfixes relating to STIG profile rules, 50% renaming XCCDF/OVAL
issues.
Last patch is more of an RFC, was unsure why 'rmdir' was no longer being
audited
Shawn Wells (5):
XCCDF/OVAL mismatch, mountopt_noexec_on_removable_partitions ->
mount_option_noexec_removable_partitions
ACK (reasonable the XCCDF rule name to match OVAL check name).
[bugfix OVAL] updated mount_option_noexec_removable_partitions to
reflect proper XCCDF variable
ACK (good catch).
XCCDF/OVAL mismatch, install_openswan -->
package_openswan_installed
ACK (another one good catch).
XCCDF/OVAL mismatch, audit_file_deletions -->
audit_rules_file_deletion_events
ACK (to be consistent with other audit rule names / name scheme)
[auditd RFC / bugfix] updating DAC to audit for rmdir command
ACK (in my opinion makes sense to audit for rmdir calls too when checking
file deletion events)
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
RHEL/6/input/auxiliary/stig_overlay.xml | 6 +++---
RHEL/6/input/auxiliary/transition_notes.xml | 2 +-
.../checks/audit_rules_file_deletion_events.xml | 2 +-
.../mount_option_noexec_removable_partitions.xml | 6 +++---
RHEL/6/input/profiles/C2S.xml | 4 ++--
RHEL/6/input/profiles/CS2.xml | 6 +++---
RHEL/6/input/profiles/CSCF-RHEL6-MLS.xml | 4 ++--
RHEL/6/input/profiles/common.xml | 4 ++--
RHEL/6/input/profiles/desktop.xml | 2 +-
.../6/input/profiles/fisma-medium-rhel6-server.xml | 4 ++--
RHEL/6/input/profiles/nist-CL-IL-AL.xml | 4 ++--
.../input/profiles/stig-rhel6-server-upstream.xml | 2 +-
RHEL/6/input/profiles/usgcb-rhel6-server.xml | 4 ++--
RHEL/6/input/system/auditing.xml | 4 ++--
RHEL/6/input/system/network/ipsec.xml | 2 +-
RHEL/6/input/system/permissions/partitions.xml | 2 +-
16 files changed, 29 insertions(+), 29 deletions(-)
_______________________________________________
scap-security-guide mailing list
scap-security-guide(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide