On 08/17/2014 09:29 PM, Shane Shaffer wrote:
Again, the suggested fix is valid, but the source of the problem is
the platform tags in the XCCDF, not the platform tags in the OVAL.
That is correct.
It is also possible to remove the XCCDF <platform> element(s) entirely
and simply assign the benchmark to be evaluated on an arbitrary target.
Those who have Scientific Linux for which (AFAIK) no CPEs exist can
employ such a technique (or, as previously mentioned, make the related
CPE OVAL check more catholic).
--
SCAP Security Guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
