On 9/20/18 10:52 AM, Albrecht, Thomas C wrote:
Ok, there’s an inconsistency then. The DISA STIG says that the
private keys need to be 0600. Looks like they set permissions to the
DISA version of the rule, but are scanning the SSG version of the rule.
Can you provide a “proof of concept” that shows the key generation
failing if the permissions are set to 0600 so I have something in my
back pocket to show our customer?
It's a known issue in the DISA content. We let them know about it a few
years ago now. Have been told a fix is making it's way through their
release processes.
_______________________________________________
scap-security-guide mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
