Hello,
I have been having an issue with the no_files_unowned_by_group rule. I am
running scans on both a local system and a remote VM, and both systems are
failing. The OVAL output for the local system suggests that five root-owned
files are causing the failure. In actuality these files are root:root. When I
run a find / -xdev -nogroup -print I receive a slew of files that really do not
have group ownership. Initially I wrote this off as a simple OVAL output error;
however, my VM also fails the check and has no group-unowned files. The OVAL
output for that failed rule indicates that a single root-owned file (/.autofsk)
is responsible for the failure. Is there a known issue with this rule?

Failed files on Local System:
//console.txt
//.Xauthority
//.autofsk
//rootk
//ansys_inc

Failed files on VM:
//.autofsk

Luke K
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/