>From 3c8d7444dee36c101f07c7a88ee679348b5e0382 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Tue, 25 Dec 2012 15:47:13 -0500 Subject: [PATCH 04/17] Mapped account_temp_expire_date and account_disable_post_pw_expiration to AC-2(2) and AC-2(3) Mapped account_temp_expire_date and account_disable_post_pw_expiration to AC-2(2) and AC-2(3)
--- .../accounts/restrictions/account_expiration.xml | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diff --git a/RHEL6/input/system/accounts/restrictions/account_expiration.xml b/RHEL6/input/system/accounts/restrictions/account_expiration.xml index 9b2ad28..4bb294a 100644 --- a/RHEL6/input/system/accounts/restrictions/account_expiration.xml +++ b/RHEL6/input/system/accounts/restrictions/account_expiration.xml @@ -27,7 +27,6 @@ normal command line utilities. <value selector="180">180</value> </Value> - <Rule id="account_disable_post_pw_expiration"> <title>Set Account Expiration Following Inactivity</title> <description>To specify the number of days after a password expires (which @@ -58,7 +57,7 @@ have been responsibly removed are not available to attackers who may have compromised their credentials. </rationale> <oval id="accounts_disable_post_pw_expiration" value="var_account_disable_post_pw_expiration"/> -<ref disa="16,17,795"/> +<ref nist="AC-2(2), AC-2(3)" disa="16,17,795"/> </Rule> <Rule id="account_unique_name"> @@ -99,7 +98,7 @@ remain in place and active after the need for them no longer exists. Account expiration greatly reduces the risk of accounts being misused or hijacked. <br/> </rationale> -<ref disa="16,1682"/> +<ref nist="AC-2(2),AC-2(3)" disa="16,1682"/> </Rule> </Group> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
