Spent the week at RSA. Someone from a large technology company in Japan approached asked why SELinux wasn't enabled in the RHEL7 PCI profile. Sure enough... it's not there:
https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/7/input/profiles/pci-dss.xml https://github.com/OpenSCAP/scap-security-guide/blob/master/RHEL/6/input/profiles/pci-dss.xml I vaguely recall the enabled rules are direct PCI mappings (e.g. a minimum baseline)... but I don't really remember why SELinux isn't evaluated. Anyone else recall? Wanted to ping the mailing list prior to making a PR to add it! _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
