On 10/5/13 12:07 PM, [email protected] wrote:
Shawn,If these files exist and contain '1': '/selinux/enforce' - RHEL 6 '/sys/fs/selinux/enforce' - Fedora 19Then SELinux is enabled and enforcing - the filesystem can only exist if SELinux is enabled, the contents are the enforcement status.
So then, should we update the existing SELinux OVAL to check for both the static /etc/selinux/config *and* runtime /selinux/enforce values?
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
