Rule accounts_password_pam_pwquality_retry is misaligned with DISA STIG RHEL 9 v2r3 SCAP content #13011
Labels
blocked
Issue that can't be fixed in content.
productization-issue
Issue found in upstream stabilization process.
RHEL9
Red Hat Enterprise Linux 9 product related.
STIG
STIG Benchmark related.
Comments
vojtapolasek
added
blocked
vojtapolasek
added a commit
to vojtapolasek/contest
that referenced
this issue
Feb 10, 2025
comps
pushed a commit
to RHSecurityCompliance/contest
that referenced
this issue
Feb 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of problem:
The content is misaligned with DISA STIG for RHEL 9 v2r3.
The STIG ID from the XCCDF guide (rendered version) is here:
https://stigaview.com/products/rhel9/v2r3/RHEL-09-611010/
As you can see, the description talks about a value in /etc/security/pwquality.conf file.
However, the up to date SCAP file still checks for value in /etc/pam.d/system-auth.
The CaC/content project follows the written guide.
I believe the STIG SCAP file should be updated.
SCAP Security Guide Version:
master as of 2025-02-10
External Content's Version:
V2r3
The text was updated successfully, but these errors were encountered: