I like the new look and functionality. Two first blush comments: 1) On the report document, I can imagine my security officials freaking out over the in-your-face "*The system is not compliant!*" text. What is the recommended course to ensure this text does not appear if you're running the scan on a webserver, for example? Is it as simple as creating a custom profile derived from the STIG profile? Does anyone directly use the STIG profile, have a completely compliant system, and have a server that actually does anything useful? Up to now, I've left tests in that I have waivers for, and then pointed at the waivers to justify the test failures. Perhaps I will need to change that practice.
2) On the guide document, the text beginning "Providing system administrators" occurs twice. On Thu, Aug 28, 2014 at 11:49 AM, Martin Preisler <mprei...@redhat.com> wrote: > Hi, > > as you may know I have been working on a complete rewrite of HTML report > and guide for the upcoming openscap 1.1.0 release. It's a feature that will > touch almost every user of openscap. I would like to gather feedback from > the scap-security-guide community so that we can make sure there aren't any > blocker issues in the release. It is natural that there will be small > issues that we will iron out in minor releases. Basically we would just > like to make sure the new report and guide aren't missing anything crucial > that would prevent adoption. > > See https://mpreisle.fedorapeople.org/openscap/1.1.0_xslt/ for sample > HTML report and guide from SSG for RHEL6. > > Looking forward to feedback. > > -- > Martin Preisler > -- > SCAP Security Guide mailing list > scap-security-guide@lists.fedorahosted.org > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/
-- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
