Signed-off-by: Jeffrey Blank <[email protected]> --- RHEL6/input/profiles/STIG-server.xml | 11 +++++++++++ RHEL6/input/profiles/test.xml | 11 +++++++++++ 2 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/RHEL6/input/profiles/STIG-server.xml b/RHEL6/input/profiles/STIG-server.xml index 7fa7df7..e669b3f 100644 --- a/RHEL6/input/profiles/STIG-server.xml +++ b/RHEL6/input/profiles/STIG-server.xml @@ -35,6 +35,17 @@ <select idref="tftpd_uses_secure_mode" selected="true" /> +<select idref="user_umask_bashrc" selected="true" /> +<select idref="user_umask_cshrc" selected="true" /> +<select idref="user_umask_profile" selected="true" /> +<select idref="user_umask_logindefs" selected="true" /> +<refine-value idref="user_umask_value" selector="077"/> + + +<select idref="daemon_umask" selected="true" /> +<refine-value idref="var_umask_for_daemons" selector="027"/> + + <select idref="no_netrc_files" selected="true" /> <select idref="ftp_present_banner" selected="true" /> diff --git a/RHEL6/input/profiles/test.xml b/RHEL6/input/profiles/test.xml index 8d3761a..9f0bd50 100644 --- a/RHEL6/input/profiles/test.xml +++ b/RHEL6/input/profiles/test.xml @@ -45,6 +45,17 @@ <refine-value idref="var_auditd_action_mail_acct" selector="root"/> +<select idref="user_umask_bashrc" selected="true" /> +<select idref="user_umask_cshrc" selected="true" /> +<select idref="user_umask_profile" selected="true" /> +<select idref="user_umask_logindefs" selected="true" /> +<refine-value idref="user_umask_value" selector="077"/> + + +<select idref="daemon_umask" selected="true" /> +<refine-value idref="var_umask_for_daemons" selector="027"/> + + <refine-value idref="var_password_min_len" selector="12"/> <!-- password minimum length --> -- 1.7.1 _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
