>From a15e0b0da96e1667455bc17ded2299ec607cd660 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Fri, 29 Mar 2013 20:01:01 -0400 Subject: [PATCH 14/21] OVAL rule rename of no_rsh_trust_files - Changed OVAL rule name to match XCCDF name
---
 RHEL6/input/checks/no_rsh_trust_files.xml | 38 ++++++++++++++++++++++
 RHEL6/input/checks/no_rsh_trusted_host_files.xml | 38 ----------------------
 RHEL6/input/services/obsolete.xml | 2 +-
 3 files changed, 39 insertions(+), 39 deletions(-)
 create mode 100644 RHEL6/input/checks/no_rsh_trust_files.xml
 delete mode 100644 RHEL6/input/checks/no_rsh_trusted_host_files.xml
diff --git a/RHEL6/input/checks/no_rsh_trust_files.xml b/RHEL6/input/checks/no_rsh_trust_files.xml
new file mode 100644
index 0000000..1e05dd1
--- /dev/null
+++ b/RHEL6/input/checks/no_rsh_trust_files.xml
@@ -0,0 +1,38 @@
+<def-group>
+ <definition class="compliance" id="no_rsh_trusted_host_files" version="1">
+ <metadata>
+ <title>No Legacy .rhosts Or hosts.equiv Files</title>
+ <affected family="unix">
+ <platform>Red Hat Enterprise Linux 6</platform>
+ </affected>
+ <description>There should not be any .rhosts or hosts.equiv files on the system.</description>
+ </metadata>
+ <criteria operator="AND">
+ <criterion test_ref="test_no_rsh_trusted_host_files_root" negate="true" />
+ <criterion test_ref="test_no_rsh_trusted_host_files_home" negate="true" />
+ <criterion test_ref="test_no_rsh_trusted_host_files_etc" negate="true" />
+ </criteria>
+ </definition>
+ <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for .rhosts or .shosts in /root" id="test_no_rsh_trusted_host_files_root" version="1">
+ <unix:object object_ref="object_no_rsh_trusted_host_files_root" />
+ </unix:file_test>
+ <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for .rhosts or .shosts in /home" id="test_no_rsh_trusted_host_files_home" version="1">
+ <unix:object object_ref="object_no_rsh_trusted_host_files_home" />
+ </unix:file_test>
+ <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for /etc/hosts.equiv or /etc/shosts.equiv" id="test_no_rsh_trusted_host_files_etc" version="1">
+ <unix:object object_ref="object_no_rsh_trusted_host_files_etc" />
+ </unix:file_test>
+ <unix:file_object comment="look for .rhosts or .shosts in /root" id="object_no_rsh_trusted_host_files_root" version="1">
+ <unix:path operation="equals">/root</unix:path>
+ <unix:filename operation="pattern match">^\.(r|s)hosts$</unix:filename>
+ </unix:file_object>
+ <unix:file_object comment="look for .rhosts or .shosts in /home" id="object_no_rsh_trusted_host_files_home" version="1">
+ <unix:behaviors recurse="directories" recurse_direction="down" max_depth="1" recurse_file_system="all" />
+ <unix:path operation="equals">/home</unix:path>
+ <unix:filename operation="pattern match">^\.(r|s)hosts$</unix:filename>
+ </unix:file_object>
+ <unix:file_object comment="look for /etc/hosts.equiv or /etc/shosts.equiv" id="object_no_rsh_trusted_host_files_etc" version="1">
+ <unix:path operation="equals">/etc</unix:path>
+ <unix:filename operation="pattern match">^s?hosts.equiv$</unix:filename>
+ </unix:file_object>
+</def-group>
diff --git a/RHEL6/input/checks/no_rsh_trusted_host_files.xml b/RHEL6/input/checks/no_rsh_trusted_host_files.xml
deleted file mode 100644
index 1e05dd1..0000000
--- a/RHEL6/input/checks/no_rsh_trusted_host_files.xml
+++ /dev/null
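Review bot: The renamed file still declares `<definition class="compliance" id="no_rsh_trusted_host_files" version="1">` while the obsolete.xml hunk now points the XCCDF rule at `<oval id="no_rsh_trust_files" />`; the blob id 1e05dd1 is the same on both sides of the rename, so only the path changed and the commit subject's "changed OVAL rule name" is not yet true of the definition itself. If the build resolves the XCCDF oval id against the definition id rather than the file name, the rule ends up with no check attached — renaming the definition to `id="no_rsh_trust_files"` (and, for consistency, the test/object ids such as `test_no_rsh_trust_files_root`) keeps the two in step whichever key the build uses; this is worth confirming against the build scripts, which are outside this patch. Separately, the last object's pattern `^s?hosts.equiv$` leaves the dot unescaped, so `^s?hosts\.equiv$` is the tighter match for the intended /etc files.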
@@ -1,38 +0,0 @@
-<def-group>
- <definition class="compliance" id="no_rsh_trusted_host_files" version="1">
- <metadata>
- <title>No Legacy .rhosts Or hosts.equiv Files</title>
- <affected family="unix">
- <platform>Red Hat Enterprise Linux 6</platform>
- </affected>
- <description>There should not be any .rhosts or hosts.equiv files on the system.</description>
- </metadata>
- <criteria operator="AND">
- <criterion test_ref="test_no_rsh_trusted_host_files_root" negate="true" />
- <criterion test_ref="test_no_rsh_trusted_host_files_home" negate="true" />
- <criterion test_ref="test_no_rsh_trusted_host_files_etc" negate="true" />
- </criteria>
- </definition>
- <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for .rhosts or .shosts in /root" id="test_no_rsh_trusted_host_files_root" version="1">
- <unix:object object_ref="object_no_rsh_trusted_host_files_root" />
- </unix:file_test>
- <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for .rhosts or .shosts in /home" id="test_no_rsh_trusted_host_files_home" version="1">
- <unix:object object_ref="object_no_rsh_trusted_host_files_home" />
- </unix:file_test>
- <unix:file_test check="all" check_existence="at_least_one_exists" comment="look for /etc/hosts.equiv or /etc/shosts.equiv" id="test_no_rsh_trusted_host_files_etc" version="1">
- <unix:object object_ref="object_no_rsh_trusted_host_files_etc" />
- </unix:file_test>
- <unix:file_object comment="look for .rhosts or .shosts in /root" id="object_no_rsh_trusted_host_files_root" version="1">
- <unix:path operation="equals">/root</unix:path>
- <unix:filename operation="pattern match">^\.(r|s)hosts$</unix:filename>
- </unix:file_object>
- <unix:file_object comment="look for .rhosts or .shosts in /home" id="object_no_rsh_trusted_host_files_home" version="1">
- <unix:behaviors recurse="directories" recurse_direction="down" max_depth="1" recurse_file_system="all" />
- <unix:path operation="equals">/home</unix:path>
- <unix:filename operation="pattern match">^\.(r|s)hosts$</unix:filename>
- </unix:file_object>
- <unix:file_object comment="look for /etc/hosts.equiv or /etc/shosts.equiv" id="object_no_rsh_trusted_host_files_etc" version="1">
- <unix:path operation="equals">/etc</unix:path>
- <unix:filename operation="pattern match">^s?hosts.equiv$</unix:filename>
- </unix:file_object>
-</def-group>
diff --git a/RHEL6/input/services/obsolete.xml b/RHEL6/input/services/obsolete.xml
index d123676..4a310c7 100644
--- a/RHEL6/input/services/obsolete.xml
+++ b/RHEL6/input/services/obsolete.xml
@@ -209,7 +209,7 @@ used in conjunction with the R-services, they can allow unauthenticated access to a system.</rationale>
 <ident cce="27270-8" />
 <ref nist="AC-17(8),CM-7" disa="1436" />
-<oval id="no_rsh_trusted_host_files" />
+<oval id="no_rsh_trust_files" />
 <tested by="DS" on="20121026"/>
 </Rule>
-- 
1.7.1
