Request to have consistent rule IDs for OVAL content provided in scap-security-guide package
Issue
- The scap-security-guide package is available for openscap content, XCCDF and OVAL files are provided in this rpm. Can see that for same OVAL check ids are being changed in-between rpm versions. ID - "oval:ssg:def:537" and ID - "oval:ssg:def:1043" for same rules and in different versions of scap-security-guide content.
1. In version scap-security-guide-0.1.18-3.el6.noarch
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
The <xhtml:code>/tmp</xhtml:code> partition is used as temporary storage by many programs.
Placing <xhtml:code>/tmp</xhtml:code> in its own partition enables the setting of more
restrictive mount options, which can help protect programs which use it.
</rationale>
<ident system="http://cce.mitre.org">CCE-26435-8</ident>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:ssg:def:537" href="ssg-rhel6-oval.xml"/>
</check>
2. In version scap-security-guide-0.1.21-3.el6.noarch
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
The <xhtml:code>/tmp</xhtml:code> partition is used as temporary storage by many programs.
Placing <xhtml:code>/tmp</xhtml:code> in its own partition enables the setting of more
restrictive mount options, which can help protect programs which use it.
</rationale>
<ident system="http://cce.mitre.org">CCE-26435-8</ident>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:ssg:def:1043" href="ssg-rhel6-oval.xml"/>
</check>
Environment
- Red Hat Enterprise Linux 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
