On 8/16/12 6:25 PM, Jeffrey Blank wrote:
Signed-off-by: Jeffrey Blank <[email protected]>
---
RHEL6/input/profiles/STIG-server.xml | 11 +++++++++++
RHEL6/input/profiles/test.xml | 11 +++++++++++
2 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/RHEL6/input/profiles/STIG-server.xml
b/RHEL6/input/profiles/STIG-server.xml
index 7fa7df7..e669b3f 100644
--- a/RHEL6/input/profiles/STIG-server.xml
+++ b/RHEL6/input/profiles/STIG-server.xml
@@ -35,6 +35,17 @@
<select idref="tftpd_uses_secure_mode" selected="true" />
+<select idref="user_umask_bashrc" selected="true" />
+<select idref="user_umask_cshrc" selected="true" />
+<select idref="user_umask_profile" selected="true" />
+<select idref="user_umask_logindefs" selected="true" />
+<refine-value idref="user_umask_value" selector="077"/>
+
+
+<select idref="daemon_umask" selected="true" />
+<refine-value idref="var_umask_for_daemons" selector="027"/>
+
+
<select idref="no_netrc_files" selected="true" />
<select idref="ftp_present_banner" selected="true" />
diff --git a/RHEL6/input/profiles/test.xml b/RHEL6/input/profiles/test.xml
index 8d3761a..9f0bd50 100644
--- a/RHEL6/input/profiles/test.xml
+++ b/RHEL6/input/profiles/test.xml
@@ -45,6 +45,17 @@
<refine-value idref="var_auditd_action_mail_acct" selector="root"/>
+<select idref="user_umask_bashrc" selected="true" />
+<select idref="user_umask_cshrc" selected="true" />
+<select idref="user_umask_profile" selected="true" />
+<select idref="user_umask_logindefs" selected="true" />
+<refine-value idref="user_umask_value" selector="077"/>
+
+
+<select idref="daemon_umask" selected="true" />
+<refine-value idref="var_umask_for_daemons" selector="027"/>
+
+
<refine-value idref="var_password_min_len" selector="12"/>
<!-- password minimum length -->
Ack
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
