On 09/10/2013 01:51 PM, Shawn Wells wrote:
On 8/30/13 2:54 PM, Maura Dailey wrote:
+ <unix:file_object comment="/boot/efi/EFI/redhat/grub.conf"
id="object_file_group_owner_efi_grub_conf" version="1">
+ <unix:path>/boot/efi/EFI/redhat</unix:path>
+ <unix:filename>grub.conf</unix:filename>
+ </unix:file_object>
Please convert to filepath
+++ b/RHEL6/input/checks/file_user_owner_grub_conf.xml
@@ -1,14 +1,16 @@
<def-group>
<definition class="compliance" id="file_user_owner_grub_conf"
version="1">
<metadata>
- <title>File /boot/grub/grub.conf Owned By root User</title>
+ <title>File grub.conf Owned By root User</title>
<affected family="unix">
<platform>Red Hat Enterprise Linux 6</platform>
</affected>
- <description>The /boot/grub/grub.conf file should be owned by
the root user.</description>
+ <description>The grub.conf file should be owned by the root
user.</description>
This may sound silly, but we shouldn't assume ISSE/ISSMs know where
grub.conf is. This should be modified akin to "While the standard
location for grub.conf is /boot/grub.conf, on EFI systems, check
/boot/efi/EFI/redhat/grub.conf"
Hmm... Maybe something like "The grub.conf file should be owned by the
root user. By default, this file is located at /boot/grub.conf or, for
EFI systems, at /boot/efi/EFI/redhat/grub.conf"?
+ <reference source="MED" ref_id="20130830"
ref_url="test_attestation" />
+ <unix:file_object comment="/boot/efi/EFI/redhat/grub.conf"
id="object_file_user_owner_efi_grub_conf" version="1">
+ <unix:path>/boot/efi/EFI/redhat</unix:path>
+ <unix:filename>grub.conf</unix:filename>
+ </unix:file_object>
+
filepath vs filename
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
