Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/xml/SCAP/gentoo-xccdf.xml
diff options
context:
space:
mode:
Diffstat (limited to 'xml/SCAP/gentoo-xccdf.xml')
-rw-r--r--xml/SCAP/gentoo-xccdf.xml11
1 files changed, 11 insertions, 0 deletions
diff --git a/xml/SCAP/gentoo-xccdf.xml b/xml/SCAP/gentoo-xccdf.xml
index 3c3afcd..732bde3 100644
--- a/xml/SCAP/gentoo-xccdf.xml
+++ b/xml/SCAP/gentoo-xccdf.xml
@@ -103,6 +103,8 @@
<select idref="xccdf_org.gentoo.dev.swift_rule_securetty-limitentries" selected="true" />
<!-- Make sure /proc is mounted with hidepid=1 or hidepid=2 -->
<select idref="xccdf_org.gentoo.dev.swift_rule_proc-hidepid" selected="true" />
+ <!-- Make sure /boot/grub/grub.conf has a password entry with md5 hash -->
+ <select idref="xccdf_org.gentoo.dev.swift_rule_grubconf-password-md5" selected="true" />
</Profile>
<Profile id="xccdf_org.gentoo.dev.swift_profile_default" extends="xccdf_org.gentoo.dev.swift_profile_default-oval">
<title>Default server setup settings</title>
@@ -1513,6 +1515,15 @@ grub&gt; <h:b>quit</h:b></h:pre>
using <h:code>password --md5 $1$18u.M0$J8VbOsGXuoG9Fh3n7ZkqY.</h:code>.
</h:p>
</description>
+ <Rule id="xccdf_org.gentoo.dev.swift_rule_grubconf-password-md5" selected="false" severity="low" weight="6.9">
+ <title>Grub legacy has a password entry with md5 hash</title>
+ <fixtext fixref="xccdf_org.gentoo.dev.swift_fix_grubconf-password-md5">
+ Edit /boot/grub/grub.conf and set a password entry with md5 hash
+ </fixtext>
+ <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
+ <check-content-ref name="oval:org.gentoo.dev.swift:def:34" href="gentoo-oval.xml" />
+ </check>
+ </Rule>
</Group>
<Group id="xccdf_org.gentoo.dev.swift_group_system-bootloader-lilopass">
<title>Password protect LILO</title>