A new <tested> tag can now be added to Rules.
This will be a way to document when:
  1) The fix text has been proofread and exercised.
  2) The check text has been proofread and exercised.
  3) A positive and negative test result can be obtained using the fix text (description) and its check text.
This should ensure at least syntactic correctness for all Rules. A second round of testing (from a different person) will involve verification that the system behaves as configured.
I'll be adding support to the transforms to show this in tables (with color coding), and also to move the information into comments (or some other valid storage area in XCCDF).
Michael mentioned that he's going to start testing, so hopefully this will enable that. See example tag below (at bottom):
  <Rule id="partition_for_tmp">
    <title>Ensure /tmp Located On Separate Partition</title>
    <description>
      The <tt>/tmp</tt> directory is a world-writable directory used for temporary file storage. Ensure that it has its own partition or logical volume at installation time, or migrate it using LVM.
    </description>
    <ocil><partition-check-macro part="/tmp"/></ocil>
    <rationale>
      The <tt>/tmp</tt> partition is used as temporary storage by many programs. Placing <tt>/tmp</tt> in its own partition enables the setting of more restrictive mount options, which can help protect programs which use it.
    </rationale>
    <ident cce="14161-4"/>
    <oval id="mount_tmp_own_partition" />
    <ref nist="CM-6" />
    <tested by="MM" on="20120927"/>
  </Rule>
scap-security-guide@lists.fedorahosted.org
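The following is an added example for this thread, not code from the message above and not the table-rendering transforms its author says they will add to the project. It assumes the no-namespace Rule XML shown in the message (a namespaced XCCDF file also works, since only local tag names are compared) and that the `on` attribute is written as YYYYMMDD, as in the example tag. It walks a document, classifies each Rule as tested, untested, or carrying a malformed `<tested/>` mark, and renders a colour-coded text table; the sample rules are constructed for the example.

```python
"""Audit which Rules carry a <tested by=... on=.../> mark.

Added example, not the scap-security-guide transforms. Assumes the
no-namespace Rule XML from the thread; namespaced XCCDF also works,
because only local tag names are compared."""
import re
import xml.etree.ElementTree as ET
from datetime import datetime

# Constructed sample input: three Rules, one with a well-formed <tested/>,
# one with none, one whose date is not in YYYYMMDD form.
SAMPLE_RULES = """<Group id="partitions">
  <Rule id="partition_for_tmp">
    <title>Ensure /tmp Located On Separate Partition</title>
    <ident cce="14161-4"/>
    <oval id="mount_tmp_own_partition"/>
    <tested by="MM" on="20120927"/>
  </Rule>
  <Rule id="partition_for_var">
    <title>Ensure /var Located On Separate Partition</title>
  </Rule>
  <Rule id="partition_for_home">
    <title>Ensure /home Located On Separate Partition</title>
    <tested by="MM" on="2012-09-27"/>
  </Rule>
</Group>
"""

# ANSI colours for the terminal table: green = tested, red = untested,
# yellow = a <tested/> mark is present but malformed.
COLOURS = {"tested": "\033[32m", "untested": "\033[31m", "invalid": "\033[33m"}
RESET = "\033[0m"


def local_name(tag):
    """Strip a namespace prefix such as '{http://...}Rule' from a tag."""
    return tag.rsplit("}", 1)[-1]


def check_tested(rule):
    """Classify one Rule element by its <tested> child.

    Returns (status, detail) with status 'tested', 'untested' or 'invalid'.
    The 'on' attribute must be YYYYMMDD and a real calendar date."""
    tested = next((c for c in rule if local_name(c.tag) == "tested"), None)
    if tested is None:
        return "untested", "no <tested> element"
    by = (tested.get("by") or "").strip()
    on = tested.get("on") or ""
    problems = []
    if not by:
        problems.append("missing or empty 'by'")
    if not re.fullmatch(r"\d{8}", on):
        problems.append("'on' is not YYYYMMDD: %r" % on)
    else:
        try:
            datetime.strptime(on, "%Y%m%d")
        except ValueError:
            problems.append("'on' is not a real date: %r" % on)
    if problems:
        return "invalid", "; ".join(problems)
    return "tested", "by %s on %s" % (by, on)


def audit(xml_text):
    """Map every Rule id in the document to its (status, detail)."""
    root = ET.fromstring(xml_text)
    report = {}
    for elem in root.iter():
        if local_name(elem.tag) == "Rule":
            report[elem.get("id")] = check_tested(elem)
    return report


def summary(report):
    """Count rules per status, e.g. {'tested': 1, 'untested': 1, 'invalid': 1}."""
    counts = {"tested": 0, "untested": 0, "invalid": 0}
    for status, _ in report.values():
        counts[status] += 1
    return counts


def render_table(report, colour=True):
    """One line per Rule: id, status, detail; colour-coded when colour=True."""
    width = max(len(rule_id) for rule_id in report) if report else 0
    lines = []
    for rule_id, (status, detail) in sorted(report.items()):
        tint = COLOURS[status] if colour else ""
        end = RESET if colour else ""
        lines.append("%s%-*s  %-9s %s%s" % (tint, width, rule_id, status, detail, end))
    return "\n".join(lines)


if __name__ == "__main__":
    result = audit(SAMPLE_RULES)
    print(render_table(result))
    print(summary(result))
```

Run it against a real rule file with `audit(open(path).read())`; the 'invalid' bucket is the one worth watching, since a mark with a bad `by` or `on` value would otherwise pass as tested in a table that only checks for the element's presence.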