On 8/5/14, 2:36 PM, Gabe Alford wrote:
Got it. So if the default behavior is disabled, then the scan passes.
Ignore this patch and the disable_rhosts patch then.
General question though: Are sites failing manual checks by IV&E-type
staff if these things are not explicitly configured? Technically the
OCIL should highlight failure conditions, but we could look at
elaborating the rule descriptions to reenforce such things are default
behaviors (and thus need not be explicitly configured).
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
