[Open-scap] CCE-27309-4, xccdf_org.ssgproject.content_rule_bootloader_password for RHEL 7 question
Greg Silverman
Greg.Silverman at veritas.com
Tue Mar 6 01:57:55 UTC 2018
We have been using OSCAP 1.31. In that version, this rule, xccdf_org.ssgproject.content_rule_bootloader_password, is checked by searching the grub.cfg file for the hash of the password, instead of checking for the existence of user.cfg and its contents containing the hash. I see in https://github.com/OpenSCAP/scap-security-guide/pull/2619/files that there is a change related to checking user.cfg. I cannot quite tell what it is doing. Is it saying that checking the user.cfg file is sufficient?
Thanks,
Greg Silverman
Veritas Technologies
Mountain View, CA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180306/0f59cacc/attachment.htm>
More information about the Open-scap-list
mailing list