Re: [PATCH 25/33] Mapped CCI-001352 to unmet_impractical_product.

Thu, 05 Jul 2012 15:11:58 -0700 

On 7/5/12 4:52 PM, Willy Santos wrote:

CCI-001352 requires protection of audit records from users with privileged 
access. The audit system runs and writes to files as the root user, thus users 
with legitimate access to the root account will have access to audit 
information.

Signed-off-by: Willy Santos <[email protected]>
---
  rhel6/src/input/auxiliary/srg_support.xml |    2 +-
  1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/rhel6/src/input/auxiliary/srg_support.xml 
b/rhel6/src/input/auxiliary/srg_support.xml
index 575753d..6241599 100644
--- a/rhel6/src/input/auxiliary/srg_support.xml
+++ b/rhel6/src/input/auxiliary/srg_support.xml
@@ -30,7 +30,7 @@ The requirement is impractical or out of scope.
  The product does not meet this requirement.
  The requirement is impractical or out of scope.
  </description>
-<ref disa="28,29,30,32,24,1695,1169,1170" />
+<ref disa="28,29,30,32,24,1695,1169,1170,1352" />
  </Group> <!-- end unmet_impractical_product -->
<Group id="requirement_unclear">
This is achievable if we enforce MCS. I'm not sure we want to tackle that yet, though. 
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide

Reply via email to