From: Leland Steinke <[email protected]> - Update VRelease key - Add OCIL applicability statement
Signed-off-by: Leland Steinke <[email protected]> --- RHEL/6/input/auxiliary/stig_overlay.xml | 2 +- RHEL/6/input/system/auditing.xml | 1 + 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/RHEL/6/input/auxiliary/stig_overlay.xml b/RHEL/6/input/auxiliary/stig_overlay.xml index bc540d6..86a5b5e 100644 --- a/RHEL/6/input/auxiliary/stig_overlay.xml +++ b/RHEL/6/input/auxiliary/stig_overlay.xml @@ -469,7 +469,7 @@ <title>The audit system must be configured to audit all attempts to alter system time through settimeofday.</title> </overlay> <overlay owner="disastig" ruleid="audit_rules_time_stime" ownerid="RHEL-06-000169" disa="169" severity="low"> - <VMSinfo VKey="38525" SVKey="50326" VRelease="2" /> + <VMSinfo VKey="38525" SVKey="50326" VRelease="3" /> <title>The audit system must be configured to audit all attempts to alter system time through stime.</title> </overlay> <overlay owner="disastig" ruleid="audit_rules_time_clock_settime" ownerid="RHEL-06-000171" disa="169" severity="low"> diff --git a/RHEL/6/input/system/auditing.xml b/RHEL/6/input/system/auditing.xml index 6c9f696..fbad0a9 100644 --- a/RHEL/6/input/system/auditing.xml +++ b/RHEL/6/input/system/auditing.xml @@ -556,6 +556,7 @@ See an example of multiple combined syscalls: -k audit_time_rules</pre> </description> <ocil clause="the system is not configured to audit time changes"> +if the system is 64-bit only, this is not applicable.<br /> <audit-syscall-check-macro syscall="stime" /> </ocil> <rationale>Arbitrary changes to the system time can be used to obfuscate -- 1.7.1 -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
