> possible with a real life security target people have to meet. I don't have > any feedback from disa as to whether or not they like it. :)
I have an "official" position (SYSIAO) that requires I interact with those darn things constantly. Plus, the errors in the guides actually cause me significant problems during scanning, with false positives and such (because they exist in the automated scan tools too). So, I've begun looking into getting feedback to/from the drafters of the UNIX Checklist; I'll let you know if anything comes of it. Brian -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
