For SSGID Set Deny For Failed Password Attempts - (CCE-26844-1), with either the stig-rhel6-server or usgcb-rhel6-server profiles selected from the SCAP stream, when run with SCC 3.1.1.1, may produce a false-positive on a RHEL6V1R2 complaint machine.. The SSG content checks maximum failed login attempts allowed in /etc/pam.d/system-auth and /etc/pam.d/password-auth. The STIG checks /etc/pam.d/system-auth-ac /etc/pam.d/system-auth-acĀ file is symlinked to /etc/pam.d/system-auth Any changes made to /etc/pam.d/system-auth are overwritten when authconfig is run.
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
