content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Some rules in PCI-DSS profile are missing OCIL (RHEL8)

Open matusmarhefka opened this issue 6 years ago • 3 comments

Description of problem:

The following rules from PCI-DSS in RHEL8 are missing OCIL:

audit_rules_session_events
audit_rules_immutable
chronyd_or_ntpd_specify_multiple_servers
disable_prelink
security_patches_up_to_date

SCAP Security Guide Version:

upstream master

matusmarhefka avatar Oct 10 '19 07:10 matusmarhefka

security_patches_up_to_date

Under SCAP 1.3 this rule should not have an OCIL check.

yuumasato avatar Oct 10 '19 08:10 yuumasato

security_patches_up_to_date

Under SCAP 1.3 this rule should not have an OCIL check.

I need to look at the reasons why this was removed in 1.3, but I find this really odd as an auditor should still check that the system was updated or patched recently.

redhatrises avatar Oct 11 '19 17:10 redhatrises

audit_rules_immutable and security_patches_up_to_date already have OCIL.

chronyd_or_ntpd_specify_multiple_servers was removed from pci-dss profile by #11214 disable_prelink was removed from pci-dss profile by #11214

Only audit_rules_session_events is still relevant for this issue.

marcusburghardt avatar Nov 10 '23 08:11 marcusburghardt