A nicely loaded question.
As you've noticed, we don't have any <fix> tags. Such commands, when available, are just in the <description> or possibly <rationale>, and marked up with xhtml.
I also might expect there to be plenty of <Rule>s which simply won't have <fix> tags (such as edits to configuration files like pam.d/system-auth or sshd_config, or disk partitioning instructions). On the plus side, it would obviously be a cheap/easy way to annotate remediation instructions. On the minus side, I see it as leading to sed/awk in some of our output documents, and think this will make them less approachable/comprehensible. (I'm certainly fine with it being there, and hidden.)
Is there a project/effort/output which would benefit from <fix> tags?
On 03/13/2012 10:21 AM, Steve Grubb wrote:
On Monday, March 12, 2012 05:59:06 PM Jeffrey Blank wrote:
others?
Content without<fix> tags?
-Steve