Signed-off-by: Jeffrey Blank <blank(a)eclipse.ncsc.mil>
---
rhel6/src/input/auxiliary/srg_support.xml | 19 +++++++++++++------
rhel6/src/input/services/ssh.xml | 2 +-
rhel6/src/input/system/auditing.xml | 7 ++++---
rhel6/src/input/system/software/updating.xml | 4 ++--
4 files changed, 20 insertions(+), 12 deletions(-)
diff --git a/rhel6/src/input/auxiliary/srg_support.xml
b/rhel6/src/input/auxiliary/srg_support.xml
index ac50bbd..c1bdf83 100644
--- a/rhel6/src/input/auxiliary/srg_support.xml
+++ b/rhel6/src/input/auxiliary/srg_support.xml
@@ -12,7 +12,7 @@ not clearly relate.
Red Hat Enterprise Linux meets this requirement by design.
<!-- We could include discussion of Common Criteria Testing if so desired here.
-->
</description>
-<ref disa="131,130,132,133,134,159,1694,162,163,164,345,346,872" />
+<ref disa="223,131,130,132,133,134,159,1694,162,163,164,345,346,872" />
</Group> <!-- end met_inherently -->
<Group id="unmet_impractical_guidance">
@@ -21,14 +21,21 @@ Red Hat Enterprise Linux meets this requirement by design.
The guidance does not meet this requirement.
The requirement is impractical or out of scope.
</description>
-<ref disa="354,1094,371,372,535,537,539,780,1682,1383,370,66,37,213,221"
/>
+<ref
disa="165,21,354,1094,371,372,535,537,539,780,1682,1383,370,66,37,213,221"
/>
</Group> <!-- end unmet_impractical_guidance -->
-<Group id="unmet_impractical_product">
-<title>Product Does Not Meet this Requirement Due to Impracticality or
Scope</title>
+<Group id="requirement_unclear">
+<title>Implementation of the Requirement is Unclear</title>
<description>
-The product does not meet this requirement.
-The requirement is impractical or out of scope.
+It is unclear how to satisfy this requirement.
+</description>
+<ref disa="20,31,218,219,224" />
+</Group> <!-- end unmet_impractical_product -->
+
+<Group id="new_rule_needed">
+<title>A New Policy/Manual Rule is Needed</title>
+<description>
+A new Rule needs to be created in the scap-security-guide content.
</description>
</Group> <!-- end unmet_impractical_product -->
diff --git a/rhel6/src/input/services/ssh.xml b/rhel6/src/input/services/ssh.xml
index ad21cee..c673e76 100644
--- a/rhel6/src/input/services/ssh.xml
+++ b/rhel6/src/input/services/ssh.xml
@@ -8,7 +8,7 @@ implementation included with the system is called OpenSSH, and more
detailed documentation is available from its website,
http://www.openssh.org. Its server program is called <tt>sshd</tt> and
provided by the RPM package <tt>openssh-server</tt>.</description>
-<ref disa="1453" />
+<ref disa="1453,877" />
<Value id="sshd_idle_timeout_value" type="number"
operator="equals" interactive="0">
diff --git a/rhel6/src/input/system/auditing.xml b/rhel6/src/input/system/auditing.xml
index 676b333..927cb60 100644
--- a/rhel6/src/input/system/auditing.xml
+++ b/rhel6/src/input/system/auditing.xml
@@ -55,7 +55,7 @@ and impacting other services. This also minimizes the risk of the
audit
daemon temporarily disabling the system if it cannot write audit log (which
it can be configured to do).
</description>
-<ref disa="120,166,1338,1339,157" />
+<ref disa="120,135,136,166,1338,1339,157" />
<Rule id="enable_auditd_service">
<title>Enable auditd Service</title>
@@ -272,6 +272,7 @@ Setting this to <tt>email</tt> is recommended over the
default
<rationale>Notifying administrators of an impending disk space problem may
allow them to take corrective action prior to any disruption.</rationale>
<oval id="auditd_data_retention_space_left_action"
value="var_auditd_space_left_action"/>
+<ref disa="140,144" />
</Rule>
@@ -295,7 +296,7 @@ audit records. If a separate partition or logical volume of adequate
size
is used, running low on space for audit records should never occur.
</rationale>
<oval id="auditd_data_retention_admin_space_left_action"
value="var_auditd_admin_space_left_action" />
-<ref disa="140" />
+<ref disa="140,144" />
</Rule>
@@ -626,7 +627,7 @@ unusual activity.
</rationale>
<ident cce="14296-8" />
<oval id="audit_rules_privileged_commands" />
-<ref nist="AU-2" />
+<ref nist="AU-2" disa="40" />
</Rule>
<Rule id="audit_media_exports">
diff --git a/rhel6/src/input/system/software/updating.xml
b/rhel6/src/input/system/software/updating.xml
index efc7834..a759d62 100644
--- a/rhel6/src/input/system/software/updating.xml
+++ b/rhel6/src/input/system/software/updating.xml
@@ -93,7 +93,7 @@ protects against malicious tampering.
</rationale>
<ident cce="14914-6" />
<oval id="yum_gpgcheck_global_activation" />
-<ref nist="SI-2" disa="352" />
+<ref nist="SI-2" disa="352,663" />
</Rule>
<Rule id="ensure_gpgcheck_never_disabled">
@@ -110,6 +110,6 @@ protects against malicious tampering.
</rationale>
<ident cce="14813-0" />
<oval id="yum_gpgcheck_never_disabled" />
-<ref nist="SI-2" disa="352"/>
+<ref nist="SI-2" disa="352,663"/>
</Rule>
</Group>
--
1.7.1