On 6/29/12 5:45 PM, Willy Santos wrote:
CCI-000085 requires monitoring for unauthorized connections of mobile devices.
The referenced rule removes the USB storage driver from the system.
Signed-off-by: Willy Santos <[email protected]>
---
rhel6/src/input/system/permissions/mounting.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rhel6/src/input/system/permissions/mounting.xml
b/rhel6/src/input/system/permissions/mounting.xml
index f913f4b..569fd7a 100644
--- a/rhel6/src/input/system/permissions/mounting.xml
+++ b/rhel6/src/input/system/permissions/mounting.xml
@@ -78,7 +78,7 @@ software and other vulnerabilities. Support for these devices
should be disabled
the devices themselves should be tightly controlled.</rationale>
<ident cce="4006-3" />
<oval id="kernel_module_usb-storage_removed" />
-<ref nist="CM-6, CM-7" disa="1250" />
+<ref nist="CM-6, CM-7" disa="1250,85" />
</Rule>
<Rule id="bootloader_nousb_argument">
Ack
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
