On 4/26/12 8:06 PM, Willy Santos wrote:
CCI-000195 requires enforcing of the number of the characters changed when
passwords are changed, password_require_diffchars rule meets this requirement
Signed-off-by: Willy Santos<[email protected]>
---
rhel6/src/input/system/accounts/pam.xml | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rhel6/src/input/system/accounts/pam.xml
b/rhel6/src/input/system/accounts/pam.xml
index 0bf95ff..8236e6f 100644
--- a/rhel6/src/input/system/accounts/pam.xml
+++ b/rhel6/src/input/system/accounts/pam.xml
@@ -244,6 +244,7 @@ Note that passwords which are changed on compromised
systems will still be compr
<oval id="accounts_password_pam_cracklib_difok"
value="var_password_pam_cracklib_difok"/>
<ref nist="IA-5" />
</Rule>
+<ident cci="CCI-000195" />
</Group>
</Group>
Ack
--
Shawn Wells
Technical Director,
U.S. Intelligence Programs
(e) [email protected]
(c) 443.534.0130
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
