CCI-000022 requires the OS to enforce org-defined nondiscretionary access control policies. SELinux in "enforcing" mode provids a mechanism to define and enforce such policies.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/system/selinux.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/system/selinux.xml b/rhel6/src/input/system/selinux.xml index 803cdf9..1e868bf 100644 --- a/rhel6/src/input/system/selinux.xml +++ b/rhel6/src/input/system/selinux.xml @@ -114,7 +114,7 @@ privileges. </rationale> <ident cce="3999-0" /> <oval id="selinux_mode" value="var_selinux_state_name"/> -<ref nist="CM-6, CM-7" /> +<ref nist="CM-6, CM-7" disa="7"/> </Rule> <Rule id="set_selinux_policy"> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
