Hi I'll try to have a look on parametizing it. And, yes quick guidance is welcome.
Tx On Mon, Apr 24, 2017 at 10:59 PM Shawn Wells <[email protected]> wrote: > > > On 4/19/17 4:17 AM, Jan Cerny wrote: > > Hi, > > > > Some of the rules in SCAP Security guide can be parametrized using > "XCCDF Value". > > Those values can be set in SCAP Workbench. However that's not the case > of this > > particular rule, the value is hard-coded in regular expressions across > the > > file. We use parametrized values for example in rules that specify > minimal > > length of a password etc. > > > > The fastest way would be to replace the auid in OVAL file manually. > > Better way would be to rework the rules so that they're parametrized > using > > XCCDF Values. > > Parametizing auid's in the upstream code seems like the right thing to > do. Especially if you'd have to do it anyway for a local fork (which > would be hell to maintain). > > We can expose the parameter internally to the XCCDF and have the default > value be the operating system default of 1000. > > Sébastien - If you're willing to work on this, happy to help with > guidance on how to get started in the SSG codebase. Let us know. > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
