Could there be an opt-in compile option? Something like --yes-i-know-this-isnt-official-but-im-using-this-for-testing-centos-plz
Right now, I use these as a quick test to make sure that nothing silly broke using free resources with CentOS VMs. I certainly understand that this does not guarantee RHEL compatibility, etc... but it does let me know if something insane happened and I can then go see if it's a CentOS mess up or something that broken in either the SSG or RHEL. Trevor On Fri, Dec 28, 2018 at 2:22 PM Shawn Wells <[email protected]> wrote: > > On 12/28/18 11:06 AM, Chuck Atkins wrote: > > I just noticed that all the EL derivatives in the current SSG no > > longer get any of the government security profiles, only pci-dss and > > standard. What happend to all of te other profiles available for RHEL7? > > > The ones for RHEL are still there, as are Ubuntu and OEL :) > > Derivatives (e.g. CentOS) don't have STIGs or other formal US Gov config > baselines. Shipping baselines with formal names (e.g. STIG or NIST > National Checklist) for the derivatives was slightly misleading, and > some users thought derivatives held formal approvals (e.g. a CentOS STIG > published by DISA). > > Other baselines, such as PCI-DSS, are generic and don't represent a > formal/"regulatory managed" baseline akin to DoD STIGs. > > That said, baselines for derivatives are still needed by some in the > community. Could be an opportunity for someone to create a "FISMA" or > "NIST 800-53" style baseline since those are open standards. > > _______________________________________________ > scap-security-guide mailing list -- > [email protected] > To unsubscribe send an email to > [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
