So, I was re-reading the RHEL6 guide and I'm not seeing the imminent threat on leaving anacron on a server.
1) I usually want anacron to take care of things that I missed if a server has been down for a while. 2) Anacron can only be used by root. Regular users can't modify anacron settings. 3) Cron is already locked down based on further guidance (which I don't see a CCE for) So, given 1-3, what is the practical harm in leaving anacron on the system? Given the above, unless there is a solid attack vector behind this that I'm missing, I would like to propose the deletion of "Disable anacron Service". Thanks, Trevor -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 [email protected] -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
