71 lines
4.4 KiB
Diff
71 lines
4.4 KiB
Diff
|
diff --git a/dist/fedora/scap-fedora14-xccdf.xml b/dist/fedora/scap-fedora14-xccdf.xml
|
||
|
index 91080aa..ee63a51 100644
|
||
|
--- a/dist/fedora/scap-fedora14-xccdf.xml
|
||
|
+++ b/dist/fedora/scap-fedora14-xccdf.xml
|
||
|
@@ -11,10 +11,11 @@
|
||
|
resolved="1"
|
||
|
id="scap-fedora14-xccdf.xml"
|
||
|
xml:lang="en">
|
||
|
- <status date="2010-09-11">draft</status>
|
||
|
- <title>Guide to the Secure Configuration of Fedora Linux</title>
|
||
|
- <description>This guide has been created to assist IT professionals, in effectively securing systems with Fedora Linux.</description>
|
||
|
- <version>0.6.3</version>
|
||
|
+ <status date="2011-10-12">draft</status>
|
||
|
+ <title>Example of SCAP Security Guidance</title>
|
||
|
+ <description>This example security guidance has been created to demonstrate SCAP functionality
|
||
|
+on Linux.</description>
|
||
|
+ <version>0.1</version>
|
||
|
<model system="urn:xccdf:scoring:default" />
|
||
|
<model system="urn:xccdf:scoring:flat" />
|
||
|
<!-- ==================================================================================================== -->
|
||
|
@@ -25,9 +26,11 @@
|
||
|
<!-- Each defines the set of XCCDF rules that are applicable for that guidance as well as specific values -->
|
||
|
<!-- to be used when determining complinace. -->
|
||
|
<!-- -->
|
||
|
- <Profile id="F14-Desktop" abstract="false">
|
||
|
- <title xml:lang="en">Fedora 14 desktop settings</title>
|
||
|
- <description xml:lang="en">This profile selects security controls that conform to default Fedora 14 configuration.</description>
|
||
|
+ <Profile id="F14-Default" abstract="false">
|
||
|
+ <title xml:lang="en">Default install settings</title>
|
||
|
+ <description xml:lang="en">This profile is an example policy that simply checks if some of Fedora 14 default
|
||
|
+install settings have been modified. It is not comprehensive nor checks security hardening. It is just for testing
|
||
|
+purposes.</description>
|
||
|
<select idref="rule-2.1.1.1.1.a" selected="false" /> <!-- DONE --> <!-- Separate Partition or Logical Volume for /tmp -->
|
||
|
<select idref="rule-2.1.1.1.1.b" selected="false"/> <!-- DONE --> <!-- Minimum size of /tmp -->
|
||
|
<select idref="rule-2.1.1.1.2.a" selected="false" /> <!-- DONE --> <!-- Separate Partition or Logical Volume for /var -->
|
||
|
diff --git a/dist/rhel6/scap-rhel6-xccdf.xml b/dist/rhel6/scap-rhel6-xccdf.xml
|
||
|
index 272edb2..82180f7 100644
|
||
|
--- a/dist/rhel6/scap-rhel6-xccdf.xml
|
||
|
+++ b/dist/rhel6/scap-rhel6-xccdf.xml
|
||
|
@@ -1,22 +1,18 @@
|
||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="RHEL-6" xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.1 xccdf-1.1.4.xsd" resolved="0" xml:lang="en-US">
|
||
|
- <status date="2011-04-13">draft</status>
|
||
|
- <title xml:lang="en-US">Guidance for Securing Red Hat Enterprise Linux 6</title>
|
||
|
- <description xml:lang="en-US">This guide has been created to assist IT professionals in effectively securing
|
||
|
- systems running Red Hat Enterprise Linux</description>
|
||
|
+ <status date="2011-10-12">draft</status>
|
||
|
+ <title xml:lang="en-US">Example of SCAP Security Guidance</title>
|
||
|
+ <description xml:lang="en-US">This example security guidance has been created to demonstrate SCAP functionality
|
||
|
+on Linux.</description>
|
||
|
<platform idref="cpe:/o:redhat:enterprise_linux:6"/>
|
||
|
<version>0.2</version>
|
||
|
<model system="urn:xccdf:scoring:default"/>
|
||
|
<model system="urn:xccdf:scoring:flat"/>
|
||
|
<Profile id="RHEL6-Default">
|
||
|
- <title xml:lang="en-US">RHEL 6 Profile For Default Installation</title>
|
||
|
- <description xml:lang="en-US">XCCDF profile for evaluation of RHEL 6 updates.
|
||
|
- This profile is designed for evaluation of default configuration of a
|
||
|
- fresh installation of RHEL 6 system. It should be executed for every
|
||
|
- RHEL 6 update. Additional security hardening of the system should be
|
||
|
- done prior to deploying it in a production environment.
|
||
|
- All enabled XCCDF rules should pass.
|
||
|
- </description>
|
||
|
+ <title xml:lang="en-US">Default install settings</title>
|
||
|
+ <description xml:lang="en-US">This profile is an example policy that simply checks if some of RHEL6 default
|
||
|
+install settings have been modified. It is not comprehensive nor checks security hardening. It is just for testing
|
||
|
+purposes.</description>
|
||
|
<select idref="rule-1005" selected="true"/>
|
||
|
<select idref="rule-1007" selected="true"/>
|
||
|
<select idref="rule-1008" selected="true"/>
|