RHEL/7/input/profiles/stig-rhel7-server-upstream.xml has the following: <refine-value idref="var_password_pam_difok" selector="15" />
Should this be changed from 15 to 4? The help text indicates that the DoD requirement is 4, and other documentation seems to support this. -- Ray Shaw (Contractor, STG) Army Research Laboratory CISD, Unix Support -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
