content icon indicating copy to clipboard operation
content copied to clipboard
verified publisher icon ComplianceAsCode

service_pcscd_enabled is misaligned with DISA

Open jan-cerny opened this issue 1 year ago • 0 comments

Description of problem:

service_pcscd_enabled is misaligned with DISA

Details:

The SSG's rule passes even if the service is inactive, it's enough if the corresponding socket is active, but the service doesn't have to be.

The DISA's rule requires the service to be active, it doesn't check the socket.

Outcome:

SSG result: pass DISA result: fail

The issue is present in these test variants:

  • oscap
  • ansible
  • anaconda

SCAP Security Guide Version:

Current upstream master as of 2024-03-12 as of HEAD cbbca44.

External Content's Version:

DISA STIG RHEL 9 V1R1

jan-cerny avatar Mar 13 '24 12:03 jan-cerny