Hi Watson,
Please check and advise on analysis of report for pass cases as under.
Analysis of report for Pass cases:
As per report these cases are reported as "Pass" when certain parameters
(USE_SSL, CSRF_COOKIE_SECURE, SESSION_COOKIE_SECURE, SESSION_COOKIE_HTTPONLY)
are set to "True" and reported as "Fail" when set to "False" in
"/etc/openstack-dashboard/local_settings" file.
But Scan report after setting these parameters to "False" still shows
respective cases as "Pass".
Best Regards
Shri Prakash
From: Shri Prakash Sikariwal
Sent: Monday, March 27, 2017 12:37 PM
To: 'Watson Yuuma Sato' <ws...@redhat.com>
Subject: RE: [Open-scap] RHOSP system evaluation with Openscap
Hi Watson,
It is marked 'notchecked' because they don't have oval checks implemented.
Check this PR https://github.com/OpenSCAP/scap-security-guide/pull/913 if you'd
like more details.
Shri>> Could you please let me know the oscap team's plan to get this implemented?
Best Regards
Shri Prakash
From: Watson Yuuma Sato [mailto:ws...@redhat.com]
Sent: Thursday, March 16, 2017 9:34 AM
To: Shri Prakash Sikariwal <shri.sikari...@aricent.com>;
open-scap-list@redhat.com
Subject: Re: [Open-scap] RHOSP system evaluation with Openscap
On 14/03/17 21:50, Shri Prakash Sikariwal wrote:
Hi,
Hello,
System (Packstack newton deployed on RHEL7.3 virtual box VM) evaluation using
policy 'ssg-rhel-osp7-xccdf.xml' shows 6 cases pass and 26 notchecked. Report
is attached. This openscap security policy is downloaded from the following link.
https://github.com/OpenSCAP/scap-security-guide/releases/download/v0.1.31/scap-security-guide-0.1.31.tar.gz
Could you please guide me to the reason for the 'notchecked' cases?
It is marked 'notchecked' because they don't have oval checks implemented.
Check this PR https://github.com/OpenSCAP/scap-security-guide/pull/913 if you'd
like more details.
Best Regards
Shri Prakash
"DISCLAIMER: This message is proprietary to Aricent and is intended solely for
the use of the individual to whom it is addressed. It may contain privileged or
confidential information and should not be circulated or used for any purpose
other than for what it is intended. If you have received this message in error,
please notify the originator immediately. If you are not the intended
recipient, you are notified that you are strictly prohibited from using,
copying, altering, or disclosing the contents of this message. Aricent accepts
no responsibility for loss or damage arising from the use of the information
transmitted by this email including damage from virus."
___
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
Regards,
--
Watson Sato
Security Technologies | Red Hat, Inc
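
Added example, not part of the original thread and not scap-security-guide code: one way to cross-check a scan result by reading the four parameters named above directly from the settings file. The function name `evaluate_settings` and the sample text are assumptions; the check also assumes the file parses as Python for the interpreter running it.

```python
import ast

# The four parameters named in the thread.
REQUIRED = ("USE_SSL", "CSRF_COOKIE_SECURE",
            "SESSION_COOKIE_SECURE", "SESSION_COOKIE_HTTPONLY")

def evaluate_settings(source):
    """Return {name: 'pass' | 'fail' | 'unset' | 'unknown'} per parameter.

    The file is parsed, never executed. Only top-level assignments count,
    a later assignment overrides an earlier one, and commented-out lines
    are ignored because they never reach the syntax tree.
    """
    status = dict.fromkeys(REQUIRED, "unset")
    for node in ast.parse(source).body:
        if not isinstance(node, ast.Assign):
            continue
        for target in node.targets:
            if isinstance(target, ast.Name) and target.id in REQUIRED:
                try:
                    value = ast.literal_eval(node.value)
                except (ValueError, TypeError):
                    # Value is computed at import time; cannot be judged here.
                    status[target.id] = "unknown"
                else:
                    status[target.id] = "pass" if value is True else "fail"
    return status

# Constructed sample, not taken from a real deployment.
SAMPLE = '''
import os
#USE_SSL = True
USE_SSL = False
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = False
'''

if __name__ == "__main__":
    # On a real host, pass the contents of
    # /etc/openstack-dashboard/local_settings instead of SAMPLE.
    for name, result in evaluate_settings(SAMPLE).items():
        print(f"{name}: {result}")
```

A scan that reports "pass" for a parameter this check marks "fail" or "unset" points to the scanner reading a different file or not evaluating the value at all.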