Agree about the "*The system is not compliant!*" text. A lot of our security people will freak out over it. Maybe either different types of non-compliance messages are based off of a %, or better non-compliance messages that are not so alarming.
Gabe On Thu, Aug 28, 2014 at 12:29 PM, Andrew Gilmore <agilmo...@gmail.com> wrote: > I like the new look and functionality. > > Two first blush comments: > 1) On the report document, I can imagine my security officials freaking > out over the in-your-face "*The system is not compliant!*" text. What is > the recommended course to ensure this text does not appear if you're > running the scan on a webserver, for example? Is it as simple as creating a > custom profile derived from the STIG profile? Does anyone directly use the > STIG profile, have a completely compliant system, and have a server that > actually does anything useful? > Up to now, I've left tests in that I have waivers for, and then pointed at > the waivers to justify the test failures. Perhaps I will need to change > that practice. > > 2) On the guide document, the text beginning "Providing system > administrators" occurs twice. > > > > > On Thu, Aug 28, 2014 at 11:49 AM, Martin Preisler <mprei...@redhat.com> > wrote: > >> Hi, >> >> as you may know I have been working on a complete rewrite of HTML report >> and guide for the upcoming openscap 1.1.0 release. It's a feature that will >> touch almost every user of openscap. I would like to gather feedback from >> the scap-security-guide community so that we can make sure there aren't any >> blocker issues in the release. It is natural that there will be small >> issues that we will iron out in minor releases. Basically we would just >> like to make sure the new report and guide aren't missing anything crucial >> that would prevent adoption. >> >> See https://mpreisle.fedorapeople.org/openscap/1.1.0_xslt/ for sample >> HTML report and guide from SSG for RHEL6. >> >> Looking forward to feedback. >> >> -- >> Martin Preisler >> -- >> SCAP Security Guide mailing list >> scap-security-guide@lists.fedorahosted.org >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >> https://github.com/OpenSCAP/scap-security-guide/ > > > > -- > SCAP Security Guide mailing list > scap-security-guide@lists.fedorahosted.org > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/ >
-- SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
