Review Request: scap-security-guide - Security guidance and baselines in SCAP formats

Jan Lieskovsky jlieskov at redhat.com
Tue Oct 15 10:06:45 UTC 2013 

Thanks Peter. Noticed && replied. Will reply / deal with
Zbigniew's comments (c#4) yet too.

Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team

----- Original Message -----
> From: "Peter Vrabec" <pvrabec at redhat.com>
> To: "Jan Lieskovsky" <jlieskov at redhat.com>
> Cc: devel at lists.fedoraproject.org, "Josh Bressers" <bressers at redhat.com>, "Shawn Wells" <swells at redhat.com>
> Sent: Tuesday, October 15, 2013 11:34:21 AM
> Subject: Re: Review Request: scap-security-guide - Security guidance and baselines in SCAP formats
> 
> Hi Jan
> 
> thnx. for the progress.
> 
> see my question: https://bugzilla.redhat.com/show_bug.cgi?id=1018905#c5
> 
> Peter.
> 
> On 10/14/2013 06:47 PM, Jan Lieskovsky wrote:
> > Hello guys,
> >
> >    have submitted review request for scap-security-guide rpm for Fedora:
> >    [1] https://bugzilla.redhat.com/show_bug.cgi?id=1018905
> >
> > The goal of the Fedora scap-security-rpm project is:
> > * provide primary SCAP protocol content for oscap / scap-workbench,
> >    intended for use for scanning of Fedora systems,
> >
> > * package existing RHEL6 / JBossEAP5 / RHEL5 SSG content into
> >    Fedora's rpm too (so RHEL6 / JBossEAP5 / RHEL5 guests could
> >    be scanned from Fedora host too) - this is to be implemented yet
> >    in upcoming versions,
> >
> > * the SCAP content is to be based on:
> >    - transformation of existing upstream SCAP security guide:
> >      [2] https://fedorahosted.org/scap-security-guide/
> >
> >      rules for Red Hat Enterprise Linux 6 to Fedora,
> >    - creation of new (Fedora specific) rules which would
> >      align with the development / application of new features
> >      in Fedora with intention the created rules to be later
> >      transformed back (once validated) into SSG upstream for
> >      use in subsequent versions of Red Hat Enterprise Linux
> >
> >
> > Above link [1] provides referencing / initial SPEC file and source
> > RPM package with SCAP XML content as it got transformed from existing
> > RHEL6 content.
> >
> > Subsequent rules, remediation scripts (and above mentioned RHEL6 /
> > JBossEAP5 /
> > RHEL5 content) to come in future package versions.
> >
> > Please review.
> >
> > Thank you && Regards, Jan.
> > --
> > Jan iankko Lieskovsky / Red Hat Security Technologies Team
> >
> 
>

More information about the devel mailing list