Hello Mike, thank you for reaching out.
----- Original Message ----- > From: "Mike Kuhnkey" <[email protected]> > To: [email protected] > Sent: Thursday, February 11, 2016 10:59:00 AM > Subject: [Open-scap] CNSSI-1253 Profile being developed for RHEL7 > Workstation? > > Noticed the CNSSI-1253 profile is available for RHEL6. Is it possible to > carry the profile forward to RHEL7? The CNSS No.1253 profile from RHEL-6 has not been ported to RHEL-7 system in SSG upstream yet. The corresponding upstream ticket is: [1] https://github.com/OpenSCAP/scap-security-guide/issues/858 So I would recommend to watch progress done there. > I’m working through the scap-workbench build process…looking for > insights/direction on what’s involved with such an effort? SCAP Workbench itself can't help with porting existing RHEL-6 profile to RHEL-7 security checklist. The code for that profile first needs to be merged upstream [1]. > I’m on rocky ground when it comes to “catalog” versus “Profile” in this > environment, so any insights on this are also relevant. Refer e.g. to: [2] https://github.com/OpenSCAP/scap-security-guide/pull/550 for an example what it means to port specific profile from one RHEL product to another. > What I’m particularly interested in is modifications of CNSSI-1253 > low/low/low to increased levels/controls. Also interested in modifications of existing RHEL-6 CNSS No.1253 profile against different overlays? Or is this question just RHEL-7 specific? (IOW aforementioned answer(s) hold). Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
