From 40c0126d7298f6ddb5cf71956cd6b3a2b69b8f7c Mon Sep 17 00:00:00 2001
From: Shawn Wells <[email protected]>
Date: Fri, 1 Feb 2013 17:46:23 -0500
Subject: [PATCH] [bugfix] Inconsistent kernel checking
 As reported by Philip S., OVAL was checking for /bin/false whereas
 the XCCDF macro was still configured for /bin/true

---
 RHEL6/transforms/shorthand2xccdf.xslt |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/RHEL6/transforms/shorthand2xccdf.xslt 
b/RHEL6/transforms/shorthand2xccdf.xslt
index 507238e..d82b5e5 100644
--- a/RHEL6/transforms/shorthand2xccdf.xslt
+++ b/RHEL6/transforms/shorthand2xccdf.xslt
@@ -379,7 +379,7 @@ exclude-result-prefixes="xccdf xhtml dc">
   <xsl:template match="module-disable-macro">
 To configure the system to prevent the <xhtml:code><xsl:value-of 
select="@module"/></xhtml:code>
 kernel module from being loaded, add the following line to a file in the 
directory <xhtml:code>/etc/modprobe.d</xhtml:code>:
-<xhtml:pre xml:space="preserve">install <xsl:value-of select="@module"/> 
/bin/true</xhtml:pre>
+<xhtml:pre xml:space="preserve">install <xsl:value-of select="@module"/> 
/bin/false</xhtml:pre>
   </xsl:template>
 
   <xsl:template match="module-disable-check-macro">
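Review bot: The changed `install ... /bin/false` line in module-disable-macro switches the remediation without telling the reader what differs. With /bin/false the install command exits non-zero, so modprobe reports a failure for the module instead of appearing to succeed as it did with /bin/true. Consider adding one sentence after the xhtml:pre that says so, and noting that hosts already configured with the earlier /bin/true line need that entry updated to match the OVAL check mentioned in the commit message.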
@@ -387,7 +387,7 @@ If the system is configured to prevent the loading of the
 <xhtml:code><xsl:value-of select="@module"/></xhtml:code> kernel module,
 it will contain lines inside any file in 
<xhtml:code>/etc/modprobe.d</xhtml:code> or the 
deprecated<xhtml:code>/etc/modprobe.conf</xhtml:code>.
 These lines instruct the module loading system to run another program (such as
-<xhtml:code>/bin/true</xhtml:code>) upon a module 
<xhtml:code>install</xhtml:code> event.
+<xhtml:code>/bin/false</xhtml:code>) upon a module 
<xhtml:code>install</xhtml:code> event.
 Run the following command to search for such lines in all files in 
<xhtml:code>/etc/modprobe.d</xhtml:code>
 and the deprecated <xhtml:code>/etc/modprobe.conf</xhtml:code>:
 <xhtml:pre xml:space="preserve">$ grep -r <xsl:value-of select="@module"/> 
/etc/modprobe.conf /etc/modprobe.d</xhtml:pre>
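Review bot: In module-disable-check-macro the prose still reads "such as /bin/false", and the grep in the trailing context matches any line that names the module, so a reviewer following this text by hand would accept an `install ... /bin/true` entry that, per the commit message, the OVAL check does not. Suggest dropping "such as" and stating the expected line, install followed by the module name and /bin/false, as the pass condition. Separately, the context line `deprecated<xhtml:code>/etc/modprobe.conf</xhtml:code>` is missing a space before the tag and could be fixed in the same change.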
-- 
1.7.1

_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
