/usr/share/scap-security-guide/ssg-sle11-ocil.xml is in ssg-nondebian 0.1.31-5.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | <ocil xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://scap.nist.gov/schema/ocil/2.0" xmlns:xhtml="http://www.w3.org/1999/xhtml">
<generator>
<schema_version>2.0</schema_version>
<timestamp>2017-08-11T09:18:08Z</timestamp>
</generator>
<questionnaires>
<questionnaire id="ocil:ssg-file_owner_etc_passwd_ocil:questionnaire:1">
<title>Verify User Who Owns passwd File</title>
<actions>
<test_action_ref>ocil:ssg-file_owner_etc_passwd_action:testaction:1</test_action_ref>
</actions>
</questionnaire>
<questionnaire id="ocil:ssg-file_groupowner_etc_passwd_ocil:questionnaire:1">
<title>Verify Group Who Owns passwd File</title>
<actions>
<test_action_ref>ocil:ssg-file_groupowner_etc_passwd_action:testaction:1</test_action_ref>
</actions>
</questionnaire>
<questionnaire id="ocil:ssg-file_permissions_etc_passwd_ocil:questionnaire:1">
<title>Verify Permissions on passwd File</title>
<actions>
<test_action_ref>ocil:ssg-file_permissions_etc_passwd_action:testaction:1</test_action_ref>
</actions>
</questionnaire>
</questionnaires>
<test_actions>
<boolean_question_test_action id="ocil:ssg-file_owner_etc_passwd_action:testaction:1" question_ref="ocil:ssg-file_owner_etc_passwd_question:question:1">
<when_true>
<result>PASS</result>
</when_true>
<when_false>
<result>FAIL</result>
</when_false>
</boolean_question_test_action>
<boolean_question_test_action id="ocil:ssg-file_groupowner_etc_passwd_action:testaction:1" question_ref="ocil:ssg-file_groupowner_etc_passwd_question:question:1">
<when_true>
<result>PASS</result>
</when_true>
<when_false>
<result>FAIL</result>
</when_false>
</boolean_question_test_action>
<boolean_question_test_action id="ocil:ssg-file_permissions_etc_passwd_action:testaction:1" question_ref="ocil:ssg-file_permissions_etc_passwd_question:question:1">
<when_true>
<result>PASS</result>
</when_true>
<when_false>
<result>FAIL</result>
</when_false>
</boolean_question_test_action>
</test_actions>
<questions>
<boolean_question id="ocil:ssg-file_owner_etc_passwd_question:question:1">
<question_text>
To check the ownership of /etc/passwd, run the command:
$ ls -lL /etc/passwd
If properly configured, the output should indicate the following owner:
root
Is it the case that it does not?
</question_text>
</boolean_question>
<boolean_question id="ocil:ssg-file_groupowner_etc_passwd_question:question:1">
<question_text>
To check the group ownership of /etc/passwd, run the command:
$ ls -lL /etc/passwd
If properly configured, the output should indicate the following group-owner.
root
Is it the case that it does not?
</question_text>
</boolean_question>
<boolean_question id="ocil:ssg-file_permissions_etc_passwd_question:question:1">
<question_text>
To check the permissions of /etc/passwd, run the command:
$ ls -l /etc/passwd
If properly configured, the output should indicate the following permissions:
-rw-r--r--
Is it the case that it does not?
</question_text>
</boolean_question>
</questions>
</ocil>
|