A few items noted as missing have been added to the STIG profile.
To prevent such oversights in the future, there now exist tools to ensure that
all Rules with CCI references are included in the STIG profile (or rather,
developers can easily note any that are not, and act accordingly).
This can be done by the new Makerule "make submission-stig-check".
A few Rules currently bear CCI references, but which had been
indicated not to be included. I believe that liberating
these Rules of the CCI reference will not decrease satisfaction
of the OS SRG, though such changes will be reflected in the SRG
mapping. I will leave it to other to decide how to adjust.
Jeffrey Blank (4):
added new Makerule to activate checking Profiles for reference
inclusion
added Rules w/CCI to STIG profile after running script
removed some CCI references from best-practice base service
disablement Rules
renamed a Rule, removed redundant CCI ref
_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
