On 9/30/12 12:33 AM, Michael J. McConachie wrote:

0003-Test-Tags-added-for-input-services-obsolete.xml.patch

From 56474993784ffb3330121aec5172af61e1cbc906 Mon Sep 17 00:00:00 2001 From: Michael McConachiemichael@redhat.com Date: Sun, 30 Sep 2012 00:30:37 -0400 Subject: [PATCH 3/6] Test Tags added for input/services/obsolete.xml

---

RHEL6/input/services/obsolete.xml | 2 ++ 1 file changed, 2 insertions(+)

diff --git a/RHEL6/input/services/obsolete.xml b/RHEL6/input/services/obsolete.xml index eaf853c..38e0e1d 100644 --- a/RHEL6/input/services/obsolete.xml +++ b/RHEL6/input/services/obsolete.xml @@ -192,6 +192,7 @@ used in conjunction with the R-services, they can allow unauthenticated access to a system.</rationale>

<ident cce="TODO" /> <oval id="no_rsh_trusted_host_files" /> +<tested by="MM" on="20120929"/> </Rule>

nack

- description tag shows privileged and non privileged shell symbols for removing the files. Need to be consistent (likely #'s). - OCIL doesn't give a command to test if those files exist. Need to be very verbose, can not say "if files exist"... need to give a one liner, e.g. "run the command file /etc/hosts.equiv and ensure the output states the file does not exist"

</Group> @@ -216,6 +217,7 @@ accidental (or intentional) activation of NIS or NIS+ services. </rationale> <ident cce="4348-9" /> <oval id="package_ypserv_removed" /> +<tested by="MM" on="20120929"/> </Rule>

<Rule id="disable_ypbind">

Ack on this one