[RHEL/6] Don't require exact permissions on httpd directories / files:
* 0700 on /var/log/httpd directory
* 0750 on /etc/httpd/conf directory
* 0640 on /etc/httpd/conf/* files
But allow also systems having stronger permission requirements
on these files to meet the checks / policy.
Besides that the HTML version of the guide has spoken about 0700 mode
requirement for permissions of the /var/log/httpd directory (but in fact
the corresponding OVAL check was checking 0750 mode). This patch fixes
this inconsistency too (by making the OVAL check to check against 0700 mode).
Please review.
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
Show replies by date