SCM DISA for AIX .1 Error Potential (False Positives too)

(imported topic written by JimCate)

Howdy!

I’ve been testing the AIX 7.1 DISA Checklist for Security and Compliance. What is the proper mechanism for submitting “improvements” or suggestions or even potential bugs/fixes?

For example:

At least one check complains that something isn’t owned by the right group or as it was delivered by the vendor. The group it wants is sys. The group the files have is system. My bet is that IBM delivered that as system but system isn’t a recognized “system group” in the check.

Some of the fixlets (not many) seem to fail for some reason but I want to swear that the client log sees the action complete and go not relevant. I’d have to verify that but I think I’ve seen it for one or two of the attempts (and tried more than once). I ended up manually fixing the things myself given that the tool shows me what it was noticing as “violations” so all was not lost… but the program didn’t work as I’d have hoped.

Is there a way to save SCM report output if you haven’t implemented SCA (Analytics web thingie)?

We use the IBM LDAP solution instead of local security files for much of our user management. The checks seem to look only to the local files with no option to check the LDAP and/or both. That makes many of the checks somewhat irrelevant in our environment. Local checks are still fine, but not so relevant in most cases. How do I submit this as a new feature to support IBM’s LDAP in addition to local files?

I suppose that’s too much for a start to communications. I’ll leave it at that for now and look forward to any input…