Forgive me for answering myself. I edited the XCCDF to use the profile values and both the guide and evaluation reports look ok (and coeherent with the profile values). Should I submit a patch with these changes?
Best regards -- Rui Pedro Bernardino CTE2/Tecnologias e Desenvolvimento PT Inovação -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Rui Pedro Bernardino Sent: quinta-feira, 26 de Setembro de 2013 11:36 To: [email protected] Subject: XCCDF: using value references in rule description Hi, Is there any reason why SSG doesn't use the profile values on the description, eg: (...) <description>The SELinux state should be set to <tt><sub idref="var_selinux_state_name"/></tt> at (...) Instead of the current: (...) <description>The SELinux state should be set to <tt>enforcing</tt> at (...) With the current approach, the rule description (possibly) won't match the profile and will mention misleading remediations. Regards -- Rui Pedro Bernardino CTE2/Tecnologias e Desenvolvimento PT Inovação _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
