>From d2c1abe33d959b69d5efc6b42b5bb2cbe2abdeae Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Tue, 25 Dec 2012 18:34:18 -0500 Subject: [PATCH 10/17] Updated mappings for AC-7* Updated mappings to reflect granularity of AC-7(a) vs AC-7(b)
--- RHEL6/input/system/accounts/pam.xml | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/RHEL6/input/system/accounts/pam.xml b/RHEL6/input/system/accounts/pam.xml index 7025fa6..b3e6220 100644 --- a/RHEL6/input/system/accounts/pam.xml +++ b/RHEL6/input/system/accounts/pam.xml @@ -409,7 +409,7 @@ prevents direct password guessing attacks. </rationale> <ident cce="26844-1" /> <oval id="accounts_passwords_pam_faillock_deny" value="var_accounts_passwords_pam_faillock_deny"/> -<ref nist="AC-7, CM-6" disa="44" /> +<ref nist="AC-7(a), CM-6" disa="44" /> </Rule> <Rule id="deny_password_attempts_unlock_time" severity="medium"> @@ -435,7 +435,7 @@ situations. </rationale> <ident cce="3410-8" /> <oval id="accounts_passwords_pam_faillock_unlock_time" value="var_accounts_passwords_pam_faillock_unlock_time"/> -<ref nist="AC-7, CM-6" disa="47" /> +<ref nist="AC-7(b), CM-6" disa="47" /> </Rule> <Rule id="deny_password_attempts_fail_interval" severity="medium"> @@ -459,7 +459,7 @@ specific period of time prevents direct password guessing attacks. </rationale> <ident cce="3410-8" /> <oval id="accounts_passwords_pam_fail_interval" value="var_accounts_passwords_pam_faillock_fail_interval"/> -<ref nist="AC-7, CM-6" disa="1452" /> +<ref nist="AC-7(a), CM-6" disa="1452" /> </Rule> <Rule id="limiting_password_reuse" severity="medium"> -- 1.7.1
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
