It doesn't look like encrypted partitions were in the final STIG. Sent from my iPhone
> On Mar 24, 2017, at 3:57 PM, "[email protected]" <[email protected]> wrote: > > DISA has released a STIG for RHEL 7. redhatrises updated an overlay to > account for the final release from DISA of RHEL7 STIG. What additional work, > if any, needs to be done to SSG in order for oscap to be able to scan > relative to the final DISA STIG for RHEL 7? > > When I clone the github repository, run cmake and examine > build/ssg-rhel7-ds.xml, it shows > xccdf_org.ssgproject.content_rule_encrypt_partitions select="true" for > profile *STIG for Red Hat Enterprise Linux 7 Server Running GUI*. When I > load up the final RHEL7 STIG, I can't find any vulnerability related to > unencrypted partitions. Am I missing the vulnerability in the STIG, or is > the SSG adding security checks to the profile? > > Thanks, > Chad > _______________________________________________ > scap-security-guide mailing list -- [email protected] > To unsubscribe send an email to > [email protected] _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
