On 4/26/12 8:05 PM, Willy Santos wrote:
CCI-000199 requires the enforcement of max password lifetime restrictions this
is met by the password_max_age rule.
Signed-off-by: Willy Santos<[email protected]>
---
.../accounts/restrictions/password_expiration.xml | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git
a/rhel6/src/input/system/accounts/restrictions/password_expiration.xml
b/rhel6/src/input/system/accounts/restrictions/password_expiration.xml
index ad67fdb..7af1a0d 100644
--- a/rhel6/src/input/system/accounts/restrictions/password_expiration.xml
+++ b/rhel6/src/input/system/accounts/restrictions/password_expiration.xml
@@ -122,6 +122,7 @@ make the change at a practical time prior to expiration.
<ident cce="4092-3" />
<oval id="accounts_maximum_age_login_defs" />
<ref nist="CM-6, CM-7, IA-5, AC-3" />
+<ident cci="CCI-000199" />
</Rule>
Ack
--
Shawn Wells
Technical Director,
U.S. Intelligence Programs
(e) [email protected]
(c) 443.534.0130
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
