For SSGID Enable Randomized Layout of Virtual Address Space - (CCE-26999-3), with either the stig-rhel6-server or usgcb-rhel6-server profiles selected from the SCAP stream, when run with SCC 3.1.1.1, may produce a false-positive on a RHEL6V1R2 complaint machine.. The Check Content for RHEL-06-000078 is to query the kernel parameter running state. If the system defaults to ‘2’ but configuration has not been set, with the SSG this check will fail on a RHEL6V1R2 complaint machine.. The command /bin/echo -e "\n# ASLR\nkernel.randomize_va_space = 2" >> /etc/sysctl.conf may not be necessary as verified by sysctl kernel.randomize_va_space Weather to verify the runtime state, configuration, or both is a common theme that we have seen in content/tool review of results.
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
