>> Ensure Log Files Are Owned By Appropriate Group unknown >> Ensure System Log Files Have Correct Permissions unknown >> >> may be reformulated to: >> Ensure Log Files Are stored in /var/log pass (if lucky) > > Not the same thing. As written currently, files match rsyslog config.
I'll push up a patch to demonstrate what I mean. >> (Really, the Rule for having a separate partition for /var/log is >> already sort of assuming that we're doing this...) > > I don't think these are equivalent. What I mean is that the rationale for having /var/log on a separate partition does not exist if logfiles can live elsewhere. > In any case I have been directed to relax that particular requirement > (separate filesystem for /var/log) for at least single-user workstations > within NASA. Such rules will be altered via <Profile> to have > role="unscored", severity="low", and selected="true". Sounds perfectly reasonable to me. Ah -- excellent -- thanks for pointing out that it's possible for a Profile to override a Rule's severity setting. _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
