Thanks Shawn - pushed. I'm glad the OVAL patch came up and forced us to take another look at this particular rule.
On Mon, Jun 2, 2014 at 5:19 PM, Shawn Wells <[email protected]> wrote: > > On 6/2/14, 4:41 PM, David Smith wrote: > >> --- >> RHEL/6/input/profiles/CS2.xml | 1 - >> .../6/input/profiles/fisma-medium-rhel6-server.xml | 1 - >> RHEL/6/input/profiles/nist-CL-IL-AL.xml | 1 - >> RHEL/6/input/profiles/usgcb-rhel6-server.xml | 1 - >> 4 files changed, 0 insertions(+), 4 deletions(-) >> >> diff --git a/RHEL/6/input/profiles/CS2.xml b/RHEL/6/input/profiles/CS2. >> xml >> index 33c0395..aea380b 100644 >> --- a/RHEL/6/input/profiles/CS2.xml >> +++ b/RHEL/6/input/profiles/CS2.xml >> @@ -226,7 +226,6 @@ >> <select idref="kernel_module_bluetooth_disabled" selected="true"/> >> <select idref="service_crond_enabled" selected="true"/> >> -<select idref="disable_anacron" selected="true" /> >> <select idref="service_abrtd_disabled" selected="true"/> >> <select idref="service_acpid_disabled" selected="true" /> >> diff --git a/RHEL/6/input/profiles/fisma-medium-rhel6-server.xml >> b/RHEL/6/input/profiles/fisma-medium-rhel6-server.xml >> index 9e639f1..b604924 100644 >> --- a/RHEL/6/input/profiles/fisma-medium-rhel6-server.xml >> +++ b/RHEL/6/input/profiles/fisma-medium-rhel6-server.xml >> @@ -235,7 +235,6 @@ >> <select idref="service_smartd_disabled" selected="true" /> >> <select idref="service_sysstat_disabled" selected="true" /> >> <select idref="service_crond_enabled" selected="true" /> >> -<select idref="disable_anacron" selected="true" /> >> <select idref="service_atd_disabled" selected="true" /> >> <select idref="disable_avahi" selected="true" /> >> <select idref="mountopt_nodev_on_nonroot_partitions" selected="true" /> >> diff --git a/RHEL/6/input/profiles/nist-CL-IL-AL.xml >> b/RHEL/6/input/profiles/nist-CL-IL-AL.xml >> index ccb1ae6..9e0dd40 100644 >> --- a/RHEL/6/input/profiles/nist-CL-IL-AL.xml >> +++ b/RHEL/6/input/profiles/nist-CL-IL-AL.xml >> @@ -341,7 +341,6 @@ assurance."</description> >> <select idref="disable_dhcp_client" selected="true" /> >> <select idref="disable_avahi" selected="true" /> >> <select idref="service_crond_enabled" selected="true" /> >> -<select idref="disable_anacron" selected="true" /> >> <select idref="disable_dns_server" selected="true" /> >> <select idref="uninstall_bind" selected="true" /> >> <select idref="package_openldap-servers_removed" selected="true" /> >> diff --git a/RHEL/6/input/profiles/usgcb-rhel6-server.xml >> b/RHEL/6/input/profiles/usgcb-rhel6-server.xml >> index 7fa82c7..c6bad6b 100644 >> --- a/RHEL/6/input/profiles/usgcb-rhel6-server.xml >> +++ b/RHEL/6/input/profiles/usgcb-rhel6-server.xml >> @@ -208,7 +208,6 @@ >> <select idref="service_kdump_disabled" selected="true" /> >> <select idref="network_disable_zeroconf" selected="true" /> >> <select idref="service_crond_enabled" selected="true" /> >> -<select idref="disable_anacron" selected="true" /> >> <!-- PLACEHOLDER: cron file perms go here when ready --> >> <select idref="sshd_allow_only_protocol2" selected="true" /> >> <select idref="service_atd_disabled" selected="true" /> >> > > ack > > this leaves C2S (where we aren't upstream yet, so we should leave the rule > in the checklist), and CSCF (where Lockheed is really the upstream rule > owner). > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
