From: "Shawn Wells" <shawn(a)redhat.com>
To: scap-security-guide(a)lists.fedorahosted.org
Sent: Tuesday, May 27, 2014 6:36:29 PM
Subject: Re: [PATCH 1/2] [RHEL/6] Add upstream STIG for RHEL 6 Server profile disclaimer
into the scap-security-guide
manual page and also into dedicated file under the package's /doc directory.
On 5/26/14, 10:56 AM, Jan Lieskovsky wrote:
0001-RHEL-6-Add-upstream-STIG-for-RHEL-6-Server-profile-d.patch
From 2f86166884ea549069d53416b421943dbb97d25b Mon Sep 17 00:00:00 2001
From: Jan Lieskovsky <jlieskov(a)redhat.com> Date: Mon, 26 May 2014 15:35:02
+0200
Subject: [PATCH 1/2] [RHEL/6] Add upstream STIG for RHEL 6 Server profile
disclaimer into the scap-security-guide manual page and also into
dedicated file under the package's /doc directory.
Signed-off-by: Jan Lieskovsky <jlieskov(a)redhat.com> ---
...STREAM_STIG_FOR_RHEL6_SERVER_PROFILE_DISCLAIMER | 16 ++++++++++
RHEL/6/input/auxiliary/scap-security-guide.8 | 34
++++++++++++++--------
scap-security-guide.spec | 2 +-
3 files changed, 39 insertions(+), 13 deletions(-)
create mode 100644
RHEL/6/input/auxiliary/UPSTREAM_STIG_FOR_RHEL6_SERVER_PROFILE_DISCLAIMER
diff --git
a/RHEL/6/input/auxiliary/UPSTREAM_STIG_FOR_RHEL6_SERVER_PROFILE_DISCLAIMER
b/RHEL/6/input/auxiliary/UPSTREAM_STIG_FOR_RHEL6_SERVER_PROFILE_DISCLAIMER
new file mode 100644
index 0000000..56bd564
--- /dev/null
+++
b/RHEL/6/input/auxiliary/UPSTREAM_STIG_FOR_RHEL6_SERVER_PROFILE_DISCLAIMER
@@ -0,0 +1,16 @@
+The upstream STIG for RHEL 6 Server profile "stig-rhel6-server-upstream" is
+developed under the DoD consensus model and DISA FSO Vendor STIG process,
+serving as the upstream development environment for the Red Hat Enterprise
+Linux 6 Server STIG.
+
+As a result of the upstream/downstream relationship between the SCAP
Security
+Guide project and the official DISA FSO STIG baseline, users should expect
+variance between SSG and DISA FSO content. For official DISA FSO STIG
content,
+refer to
http://iase.disa.mil/stigs/os/unix/red_hat.html .
+
+While this profile is packaged by Red Hat as part of the SCAP Security Guide
+package, please note that commercial support of this SCAP content is NOT
+available. This profile is provided as example SCAP content with no
endorsement
+for suitability or production readiness. Support for this profile is
provided
+by the upstream SCAP Security Guide community on a best-effort basis. The
+upstream project homepage is
https://fedorahosted.org/scap-security-guide/ .
The filename is a bit long in the tooth; perhaps just "DISCLAIMER"? It's a
nitpick, but many users will likely be familiar with "DISCLAIMER" as the
filename.
Thanks, Shawn. Agree that the filename was way too long. Shortened to your
proposal & pushed to master:
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
--
Shawn Wells
Director, Innovation Programs shawn(a)redhat.com | 443.534.0130
@shawndwells
_______________________________________________
scap-security-guide mailing list
scap-security-guide(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide