Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-1159

OCP STIG spreadsheet work

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • CMP Sprint 41

      We're working on a STIG spreadsheet. This card tracks the work, the particular tasks will be filed as subtasks.

       

      Acceptance criteria:

      •  all the rows in the spreadsheet are reviewed
      • all the rows in the spreadsheet have a fix and a check

        1.
        		 Audit rows: The operating system must generate audit records when... Sub-task Closed Major Jakub Hrozek
        2.
        		 Review the Platform Configuration sheet Sub-task Closed Major Matt Rogers (Inactive)
        3.
        		 SRG-OS-000033-GPOS-00014: confidentiality of remote debugging sessions Sub-task Closed Major Matt Rogers (Inactive)
        4.
        		 SRG-OS-000126-GPOS-00066: investigate oc debug timeout Sub-task Closed Undefined Vincent Shen
        5.
        		 SRG-OS-000420-GPOS-00186: Configure rate limits Sub-task Closed Undefined Jakub Hrozek
        6.
        		 SRG-OS-000368-GPOS-00154: preventing progam execution Sub-task Closed Undefined David Anderson
        7.
        		 SRG-APP-000118-CTR-000240: audit info protected from unauthorized read Sub-task Closed Undefined Jakub Hrozek
        8.
        		 SRG-APP-000126-CTR-000275: LogForward encrypted Sub-task Closed Undefined David Anderson
        9.
        		 SRG-APP-000131-CTR-000280: OCP built from verified packages Sub-task Closed Undefined David Anderson
        10.
        		 SRG-APP-000131-CTR-000285: OCP must verify container images Sub-task Closed Undefined Vincent Shen
        11.
        		 SRG-OS-000341-GPOS-00132: One week audit storage capacity Sub-task Closed Undefined David Anderson
        12.
        		 SRG-OS-000370-GPOS-00155: deny-all, permit-by-exeption execution policy Sub-task Closed Undefined David Anderson
        13.
        		 SRG-OS-000138-GPOS-00069: world-writable dirs w/out sticky bit set Sub-task Closed Undefined David Anderson
        14.
        		 SRG-OS-000046-GPOS-00022: Alert in event of audit failure Sub-task Closed Undefined David Anderson
        15.
        		 SRG-OS-000062-GPOS-00031: DoD auditable events Sub-task Closed Undefined David Anderson
        16.
        		 SRG-OS-000095-GPOS-00049: Disable non-essential capabilities Sub-task Closed Undefined David Anderson
        17.
        		 SRG-OS-000269-GPOS-00103: Event of system failure Sub-task Closed Undefined David Anderson
        18.
        		 SRG-OS-000364-GPOS-00151: Enforce Access Restrictions Sub-task Closed Undefined Jakub Hrozek

            daanders@redhat.com David Anderson
            jhrozek@redhat.com Jakub Hrozek
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: