[PATCH] OVAL cleanup to address validation errors - scap-security-guide - Fedora mailing-lists

10 Jun 2013

---
 .../input/checks/file_ownership_var_log_audit.xml  |    2 --
 .../checks/file_permissions_unauthorized_sgid.xml  |    1 -
 .../checks/file_permissions_unauthorized_suid.xml  |    1 -
 ...ile_permissions_unauthorized_world_writable.xml |    1 -
 4 files changed, 0 insertions(+), 5 deletions(-)

diff --git a/RHEL6/input/checks/file_ownership_var_log_audit.xml b/RHEL6/input/checks/file_ownership_var_log_audit.xml
index a6e5c19..bfadd48 100644
--- a/RHEL6/input/checks/file_ownership_var_log_audit.xml
+++ b/RHEL6/input/checks/file_ownership_var_log_audit.xml
@@ -14,11 +14,9 @@
   </definition>
   <unix:file_test check="all" check_existence="none_exist" comment="/var/log/audit directories uid root gid root" id="test_ownership_var_log_audit_directories" version="1">
     <unix:object object_ref="object_ownership_var_log_audit_directories" />
-    <unix:state state_ref="state_owner_not_root_root_var_log_audit" />
   </unix:file_test>
   <unix:file_test check="all" check_existence="none_exist" comment="/var/log/audit files uid root gid root" id="test_ownership_var_log_audit_files" version="1">
     <unix:object object_ref="object_ownership_var_log_audit_files" />
-    <unix:state state_ref="state_owner_not_root_root_var_log_audit" />
   </unix:file_test>
   <unix:file_object comment="/var/log/audit directories" id="object_ownership_var_log_audit_directories" version="1">
     <unix:behaviors recurse="directories" recurse_direction="down" max_depth="-1" recurse_file_system="all" />
diff --git a/RHEL6/input/checks/file_permissions_unauthorized_sgid.xml b/RHEL6/input/checks/file_permissions_unauthorized_sgid.xml
index 5f10e5d..098143b 100644
--- a/RHEL6/input/checks/file_permissions_unauthorized_sgid.xml
+++ b/RHEL6/input/checks/file_permissions_unauthorized_sgid.xml
@@ -17,7 +17,6 @@
   <!-- sgid files are approved for use. -->
   <unix:file_test check="all" check_existence="none_exist" comment="/etc/skel files mode 0644" id="test_file_permissions_unauthorized_sgid" version="1">
     <unix:object object_ref="object_file_permissions_unauthorized_sgid" />
-    <unix:state state_ref="state_file_permissions_unauthorized_sgid" />
   </unix:file_test>
   <unix:file_object comment="files with sgid set" id="object_file_permissions_unauthorized_sgid" version="1">
     <unix:behaviors recurse="directories" recurse_direction="down" max_depth="-1" recurse_file_system="local" />
diff --git a/RHEL6/input/checks/file_permissions_unauthorized_suid.xml b/RHEL6/input/checks/file_permissions_unauthorized_suid.xml
index 14beff4..07bb09f 100644
--- a/RHEL6/input/checks/file_permissions_unauthorized_suid.xml
+++ b/RHEL6/input/checks/file_permissions_unauthorized_suid.xml
@@ -17,7 +17,6 @@
   <!-- suid files are approved for use. -->
   <unix:file_test check="all" check_existence="none_exist" comment="/etc/skel files mode 0644" id="test_file_permissions_unauthorized_suid" version="1">
     <unix:object object_ref="object_file_permissions_unauthorized_suid" />
-    <unix:state state_ref="state_file_permissions_unauthorized_suid" />
   </unix:file_test>
   <unix:file_object comment="files with suid set" id="object_file_permissions_unauthorized_suid" version="1">
     <unix:behaviors recurse="directories" recurse_direction="down" max_depth="-1" recurse_file_system="local" />
diff --git a/RHEL6/input/checks/file_permissions_unauthorized_world_writable.xml b/RHEL6/input/checks/file_permissions_unauthorized_world_writable.xml
index 74b2336..599ad98 100644
--- a/RHEL6/input/checks/file_permissions_unauthorized_world_writable.xml
+++ b/RHEL6/input/checks/file_permissions_unauthorized_world_writable.xml
@@ -17,7 +17,6 @@
   <!-- the system administrator to determine which world writable files are approved for use. -->
   <unix:file_test check="all" check_existence="none_exist" comment="world writable files" id="test_file_permissions_unauthorized_world_write" version="1">
     <unix:object object_ref="object_file_permissions_unauthorized_world_write" />
-    <unix:state state_ref="state_file_permissions_unauthorized_world_write" />
   </unix:file_test>
   <unix:file_object comment="world writable" id="object_file_permissions_unauthorized_world_write" version="1">
     <unix:behaviors recurse="directories" recurse_direction="down" max_depth="-1" recurse_file_system="local" />
-- 
1.7.1


    