/usr/bin/diffoscope --timeout 7200 --html /srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/scap-security-guide_0.1.74-1.diffoscope.html --text /srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/scap-security-guide_0.1.74-1.diffoscope.txt --json /srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/scap-security-guide_0.1.74-1.diffoscope.json --profile=- /srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/b1/scap-security-guide_0.1.74-1_i386.changes /srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/b2/scap-security-guide_0.1.74-1

⊟

3.32 GB

/srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/b1/scap-security-guide_0.1.74-1_i386.changes vs.

/srv/reproducible-results/rbuild-debian/r-b-build.30p08D3r/b2/scap-security-guide_0.1.74-1_i386.changes ¶

⊟

824 B

Files ¶

⊟

455 KB

ssg-applications_0.1.74-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

454 KB

data.tar.xz ¶

⊟

454 KB

data.tar ¶

⊟

2.18 KB

⊟

981 B

⊟

2.28 KB

⊟

1.06 KB

⊟

2.38 KB

⊟

1.17 KB

⊟

2.21 KB

⊟

993 B

⊟

2.2 KB

⊟

1000 B

⊟

79.1 KB

⊟

79.0 KB

⊟

70.3 KB

⊟

70.2 KB

Ordering differences only

⊟

1.17 KB

⊟

1.06 KB

⊟

97.1 KB

⊟

97.0 KB

⊟

85.9 KB

⊟

85.8 KB

Ordering differences only

⊟

3.55 KB

⊟

3.45 KB

⊟

56.0 KB

⊟

55.9 KB

⊟

48.8 KB

⊟

48.7 KB

Ordering differences only

⊟

1.16 KB

⊟

1.06 KB

⊟

191 MB

ssg-debderived_0.1.74-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

191 MB

data.tar.xz ¶

⊟

191 MB

data.tar ¶

⊟

987 KB

⊟

110 KB

⊟

1.1 MB

⊟

126 KB

⊟

302 KB

⊟

37.7 KB

⊟

1.08 MB

⊟

124 KB

⊟

1.1 MB

⊟

125 KB

⊟

987 KB

⊟

110 KB

⊟

1.1 MB

⊟

126 KB

⊟

302 KB

⊟

37.7 KB

⊟

1.09 MB

⊟

124 KB

⊟

1.8 MB

⊟

209 KB

⊟

1.1 MB

⊟

125 KB

⊟

6.31 MB

⊟

805 KB

⊟

6.15 MB

⊟

791 KB

⊟

19.6 MB

⊟

1.66 MB

⊟

19.6 MB

⊟

1.65 MB

⊟

1.16 MB

⊟

130 KB

⊟

17.4 MB

⊟

1.14 MB

⊟

7.95 MB

⊟

912 KB

⊟

7.79 MB

⊟

899 KB

⊟

22.3 MB

⊟

1.85 MB

Max HTML report size reached

⊟

22.3 MB

⊟

1.84 MB

Max HTML report size reached

⊟

1.16 MB

⊟

133 KB

⊟

17.9 MB

⊟

1.16 MB

⊟

2.38 MB

⊟

2.38 MB

Max HTML report size reached

⊟

667 KB

⊟

667 KB

Ordering differences only

⊟

1.65 MB

⊟

1.65 MB

⊟

2.54 MB

⊟

2.54 MB

Max HTML report size reached

⊟

699 KB

⊟

699 KB

Ordering differences only

⊟

1.76 MB

⊟

1.76 MB

⊟

5.18 MB

⊟

5.18 MB

Max HTML report size reached

⊟

1.32 MB

⊟

1.32 MB

Ordering differences only

⊟

3.73 MB

⊟

3.73 MB

Max HTML report size reached

⊟

5.42 MB

⊟

5.42 MB

Max HTML report size reached

⊟

1.37 MB

⊟

1.37 MB

Ordering differences only

⊟

3.9 MB

⊟

3.9 MB

Max HTML report size reached

⊟

68.8 MB

ssg-debian_0.1.74-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

68.8 MB

data.tar.xz ¶

⊟

68.8 MB

data.tar ¶

⊟

1.02 MB

⊟

118 KB

⊟

1.14 MB

⊟

129 KB

⊟

365 KB

⊟

45.1 KB

⊟

1.1 MB

⊟

125 KB

⊟

1.04 MB

⊟

117 KB

⊟

18.1 MB

⊟

1.52 MB

⊟

18.3 MB

⊟

1.54 MB

⊟

7.35 MB

⊟

856 KB

⊟

1.39 MB

⊟

110 KB

⊟

1.02 MB

⊟

118 KB

⊟

1.14 MB

⊟

129 KB

⊟

366 KB

⊟

45.1 KB

⊟

1.1 MB

⊟

125 KB

⊟

1.04 MB

⊟

117 KB

⊟

2.98 MB

⊟

2.98 MB

Max HTML report size reached

⊟

702 KB

⊟

702 KB

Ordering differences only

⊟

2.19 MB

⊟

2.19 MB

Max HTML report size reached

⊟

4.32 MB

⊟

4.32 MB

Max HTML report size reached

⊟

1.14 MB

⊟

1.14 MB

Ordering differences only

⊟

3.08 MB

⊟

3.08 MB

Max HTML report size reached

⊟

3.06 GB

ssg-nondebian_0.1.74-1_all.deb ¶

⊟

452 B

file list ¶

⊟

98.0 B

control.tar.xz ¶

⊟

70.0 B

control.tar ¶

⊟

48.0 B

./md5sums ¶

⊟

30.0 B

./md5sums ¶

Files differ

⊟

3.06 GB

data.tar.xz ¶

⊟

3.06 GB

data.tar ¶

⊟

6.84 MB

⊟

696 KB

⊟

5.71 MB

⊟

579 KB

⊟

2.54 MB

⊟

289 KB

⊟

341 KB

⊟

28.7 KB

⊟

2.45 MB

⊟

270 KB

⊟

307 KB

⊟

25.0 KB

⊟

2.45 MB

⊟

265 KB

⊟

2.88 MB

⊟

302 KB

⊟

2.45 MB

⊟

265 KB

⊟

2.88 MB

⊟

302 KB

⊟

23.1 MB

⊟

1.94 MB

Max HTML report size reached

⊟

23.4 MB

⊟

1.97 MB

Max HTML report size reached

⊟

9.85 MB

⊟

1.04 MB

⊟

3.21 MB

⊟

224 KB

⊟

26.5 MB

⊟

2.33 MB

Max HTML report size reached

⊟

11.6 MB

⊟

1.28 MB

⊟

11.3 MB

⊟

1.25 MB

⊟

26.3 MB

⊟

2.31 MB

Max HTML report size reached

⊟

9.99 MB

⊟

1.23 MB

⊟

6.97 MB

⊟

710 KB

⊟

17.8 MB

⊟

1.3 MB

⊟

10.6 MB

⊟

1.03 MB

⊟

9.99 MB

⊟

1.23 MB

⊟

18.0 MB

⊟

1.61 MB

⊟

29.9 MB

⊟

2.41 MB

Max HTML report size reached

⊟

29.7 MB

⊟

2.39 MB

Max HTML report size reached

⊟

21.5 MB

⊟

1.85 MB

Max HTML report size reached

⊟

22.0 MB

⊟

1.92 MB

Max HTML report size reached

⊟

9.64 MB

⊟

1.01 MB

⊟

3.04 MB

⊟

218 KB

⊟

24.8 MB

⊟

2.24 MB

Max HTML report size reached

⊟

11.3 MB

⊟

1.26 MB

⊟

10.9 MB

⊟

1.22 MB

⊟

24.6 MB

⊟

2.21 MB

Max HTML report size reached

⊟

6.67 MB

⊟

674 KB

⊟

20.2 MB

⊟

1.54 MB

⊟

11.5 MB

⊟

1.15 MB

⊟

11.5 MB

⊟

1.15 MB

⊟

11.5 MB

⊟

1.15 MB

⊟

16.7 MB

⊟

1.53 MB

⊟

34.0 MB

⊟

2.74 MB

Max HTML report size reached

⊟

33.9 MB

⊟

2.73 MB

Max HTML report size reached

⊟

23.0 MB

⊟

1.92 MB

Max HTML report size reached

⊟

23.4 MB

⊟

1.97 MB

Max HTML report size reached

⊟

9.89 MB

⊟

1.04 MB

⊟

3.22 MB

⊟

226 KB

⊟

13.4 MB

⊟

1.1 MB

⊟

9.19 MB

⊟

843 KB

⊟

10.6 MB

⊟

1.01 MB

⊟

26.2 MB

⊟

2.3 MB

Max HTML report size reached

⊟

11.4 MB

⊟

1.26 MB

⊟

11.0 MB

⊟

1.22 MB

⊟

26.0 MB

⊟

2.27 MB

Max HTML report size reached

⊟

6.81 MB

⊟

874 KB

⊟

6.95 MB

⊟

711 KB

⊟

17.5 MB

⊟

1.22 MB

⊟

10.5 MB

⊟

1020 KB

⊟

6.81 MB

⊟

874 KB

⊟

17.9 MB

⊟

1.59 MB

⊟

33.5 MB

⊟

2.74 MB

Max HTML report size reached

⊟

33.3 MB

⊟

2.72 MB

Max HTML report size reached

⊟

19.0 MB

⊟

1.69 MB

⊟

26.9 MB

⊟

1.56 MB

⊟

14.5 MB

⊟

1.06 MB

⊟

7.6 MB

⊟

674 KB

⊟

2.35 KB

⊟

1010 B

⊟

2.58 KB

⊟

1.22 KB

⊟

2.21 KB

⊟

1000 B

⊟

2.33 KB

⊟

1000 B

⊟

2.43 KB

⊟

1.22 KB

⊟

2.31 KB

⊟

1.09 KB

⊟

2.31 KB

⊟

1.09 KB

⊟

2.32 KB

⊟

1.1 KB

⊟

2.32 KB

⊟

1.1 KB

⊟

2.31 KB

⊟

1.1 KB

⊟

2.3 KB

⊟

1.09 KB

⊟

2.34 KB

⊟

1.13 KB

⊟

2.35 KB

⊟

1.12 KB

⊟

2.47 KB

⊟

1.12 KB

⊟

2.33 KB

⊟

1.11 KB

⊟

2.32 KB

⊟

1.11 KB

⊟

2.36 KB

⊟

1.12 KB

⊟

2.35 KB

⊟

1.12 KB

⊟

2.48 KB

⊟

1.11 KB

⊟

2.33 KB

⊟

1.11 KB

⊟

2.48 KB

⊟

1.12 KB

⊟

2.46 KB

⊟

1.11 KB

⊟

2.33 KB

⊟

1.11 KB

⊟

2.32 KB

⊟

1.09 KB

⊟

2.38 KB

⊟

1.15 KB

⊟

2.4 KB

⊟

1.17 KB

⊟

2.38 KB

⊟

1.15 KB

⊟

2.33 KB

⊟

1.11 KB

⊟

2.38 KB

⊟

1.15 KB

⊟

2.51 KB

⊟

1.15 KB

⊟

2.33 KB

⊟

1.11 KB

⊟

2.32 KB

⊟

1.11 KB

⊟

21.1 MB

⊟

1.74 MB

⊟

21.4 MB

⊟

1.77 MB

⊟

9.25 MB

⊟

942 KB

⊟

3.39 MB

⊟

219 KB

⊟

9.01 MB

⊟

833 KB

⊟

6.27 MB

⊟

676 KB

⊟

6.34 MB

⊟

634 KB

⊟

16.4 MB

⊟

1.18 MB

⊟

27.5 MB

⊟

2.4 MB

Max HTML report size reached

⊟

6.27 MB

⊟

677 KB

⊟

9.91 MB

⊟

823 KB

⊟

233 KB

⊟

26.3 KB

⊟

9.62 MB

⊟

737 KB

⊟

22.6 MB

⊟

1.68 MB

⊟

22.6 MB

⊟

1.68 MB

⊟

22.7 MB

⊟

1.84 MB

Max HTML report size reached

⊟

23.0 MB

⊟

1.87 MB

Max HTML report size reached

⊟

9.51 MB

⊟

972 KB

⊟

3.7 MB

⊟

238 KB

⊟

10.6 MB

⊟

916 KB

⊟

9.67 MB

⊟

1.08 MB

⊟

6.63 MB

⊟

665 KB

⊟

17.6 MB

⊟

1.26 MB

⊟

9.67 MB

⊟

1.08 MB

⊟

17.8 MB

⊟

1.55 MB

⊟

10.8 MB

⊟

769 KB

⊟

29.0 MB

⊟

2.24 MB

Max HTML report size reached

⊟

28.9 MB

⊟

2.24 MB

Max HTML report size reached

⊟

21.3 MB

⊟

1.75 MB

⊟

21.6 MB

⊟

1.79 MB

Max HTML report size reached

⊟

9.3 MB

⊟

952 KB

⊟

3.48 MB

⊟

219 KB

⊟

4.95 MB

⊟

554 KB

⊟

6.45 MB

⊟

641 KB

⊟

16.1 MB

⊟

1.17 MB

⊟

4.95 MB

⊟

554 KB

⊟

16.3 MB

⊟

1.44 MB

⊟

9.69 MB

⊟

747 KB

⊟

31.3 MB

⊟

2.46 MB

Max HTML report size reached

⊟

31.2 MB

⊟

2.45 MB

Max HTML report size reached

⊟

2.57 MB

⊟

280 KB

⊟

2.51 MB

⊟

273 KB

⊟

3.9 MB

⊟

394 KB

⊟

51.8 KB

⊟

6.27 KB

⊟

2.37 KB

⊟

1.12 KB

⊟

2.36 KB

⊟

1.13 KB

⊟

2.49 KB

⊟

1.24 KB

⊟

2.36 KB

⊟

1.12 KB

⊟

2.33 KB

⊟

1000 B

⊟

2.18 KB

⊟

997 B

⊟

2.43 KB

⊟

1.09 KB

⊟

2.38 KB

⊟

1.16 KB

⊟

2.36 KB

⊟

1.15 KB

⊟

2.53 KB

⊟

1.17 KB

⊟

2.38 KB

⊟

1.16 KB

⊟

2.54 KB

⊟

1.19 KB

⊟

2.48 KB

⊟

1.12 KB

⊟

2.33 KB

⊟

1.12 KB

⊟

21.7 MB

⊟

1.87 MB

Max HTML report size reached

⊟

22.2 MB

⊟

1.95 MB

Max HTML report size reached

⊟

9.74 MB

⊟

1.03 MB

⊟

3.05 MB

⊟

214 KB

⊟

25.0 MB

⊟

2.25 MB

Max HTML report size reached

⊟

11.4 MB

⊟

1.27 MB

⊟

11.0 MB

⊟

1.22 MB

⊟

24.8 MB

⊟

2.22 MB

Max HTML report size reached

⊟

6.71 MB

⊟

678 KB

⊟

20.3 MB

⊟

1.52 MB

⊟

11.6 MB

⊟

1.15 MB

⊟

11.6 MB

⊟

1.15 MB

⊟

11.6 MB

⊟

1.15 MB

⊟

16.8 MB

⊟

1.53 MB

⊟

34.2 MB

⊟

2.76 MB

Max HTML report size reached

⊟

34.1 MB

⊟

2.74 MB

Max HTML report size reached

⊟

23.3 MB

⊟

1.98 MB

Max HTML report size reached

⊟

23.6 MB

⊟

2.01 MB

Max HTML report size reached

⊟

9.93 MB

⊟

1.04 MB

⊟

3.23 MB

⊟

217 KB

⊟

26.7 MB

⊟

2.34 MB

Max HTML report size reached

⊟

11.7 MB

⊟

1.28 MB

⊟

11.4 MB

⊟

1.25 MB

⊟

26.5 MB

⊟

2.32 MB

Max HTML report size reached

⊟

10.1 MB

⊟

1.23 MB

⊟

7.01 MB

⊟

712 KB

⊟

17.8 MB

⊟

1.26 MB

⊟

10.7 MB

⊟

1.02 MB

⊟

10.1 MB

⊟

1.23 MB

⊟

18.1 MB

⊟

1.61 MB

⊟

30.1 MB

⊟

2.41 MB

Max HTML report size reached

⊟

29.9 MB

⊟

2.39 MB

Max HTML report size reached

⊟

23.1 MB

⊟

1.97 MB

Max HTML report size reached

⊟

23.6 MB

⊟

2.01 MB

Max HTML report size reached

⊟

9.98 MB

⊟

1.04 MB

⊟

3.22 MB

⊟

215 KB

⊟

13.4 MB

⊟

1.11 MB

⊟

9.25 MB

⊟

853 KB

⊟

10.6 MB

⊟

1.02 MB

⊟

26.3 MB

⊟

2.31 MB

Max HTML report size reached

⊟

11.5 MB

⊟

1.27 MB

⊟

11.1 MB

⊟

1.22 MB

⊟

26.1 MB

⊟

2.29 MB

Max HTML report size reached

⊟

6.86 MB

⊟

877 KB

⊟

6.98 MB

⊟

706 KB

⊟

17.6 MB

⊟

1.23 MB

⊟

10.5 MB

⊟

1020 KB

⊟

6.86 MB

⊟

877 KB

⊟

18.1 MB

⊟

1.61 MB

⊟

33.7 MB

⊟

2.75 MB

Max HTML report size reached

⊟

33.5 MB

⊟

2.73 MB

Max HTML report size reached

⊟

14.3 MB

⊟

1010 KB

⊟

25.3 MB

⊟

2.12 MB

Max HTML report size reached

⊟

16.3 MB

⊟

1.07 MB

⊟

20.7 MB

⊟

1.76 MB

⊟

21.0 MB

⊟

1.79 MB

Max HTML report size reached

⊟

8.24 MB

⊟

897 KB

⊟

2.02 MB

⊟

144 KB

⊟

19.7 MB

⊟

1.73 MB

⊟

8.44 MB

⊟

960 KB

⊟

8.2 MB

⊟

936 KB

⊟

19.6 MB

⊟

1.72 MB

⊟

18.7 MB

⊟

1.38 MB

⊟

17.4 MB

⊟

1.23 MB

⊟

52.8 KB

⊟

6.35 KB

⊟

20.2 MB

⊟

1.4 MB

⊟

20.9 MB

⊟

1.76 MB

⊟

21.2 MB

⊟

1.81 MB

Max HTML report size reached

⊟

8.21 MB

⊟

896 KB

⊟

2.02 MB

⊟

144 KB

⊟

20.3 MB

⊟

1.78 MB

Max HTML report size reached

⊟

8.89 MB

⊟

1000 KB

⊟

8.65 MB

⊟

981 KB

⊟

20.2 MB

⊟

1.78 MB

Max HTML report size reached

⊟

16.4 MB

⊟

1.17 MB

⊟

15.0 MB

⊟

1.32 MB

⊟

23.2 MB

⊟

1.66 MB

⊟

21.4 MB

⊟

1.43 MB

⊟

9.55 MB

⊟

885 KB

⊟

21.8 MB

⊟

1.56 MB

⊟

5.06 MB

⊟

384 KB

⊟

307 KB

⊟

24.9 KB

⊟

3.49 MB

⊟

658 KB

⊟

1.23 MB

Ordering differences only

⊟

805 KB

⊟

9.66 KB

⊟

4.89 KB

⊟

9.74 KB

⊟

4.89 KB

⊟

9.45 MB

⊟

2.5 MB

Max HTML report size reached

⊟

1.33 MB

Ordering differences only

⊟

862 KB

⊟

782 KB

Ordering differences only

⊟

485 KB

⊟

3.51 MB

⊟

661 KB

⊟

1.24 MB

Ordering differences only

⊟

810 KB

⊟

3.25 KB

⊟

2.51 KB

⊟

9.46 MB

⊟

2.5 MB

Max HTML report size reached

⊟

790 KB

Ordering differences only

⊟

489 KB

⊟

16.9 MB

⊟

9.6 MB

Max HTML report size reached

⊟

3.56 MB

⊟

672 KB

⊟

1.39 MB

⊟

324 KB

⊟

1.24 MB

Ordering differences only

⊟

812 KB

⊟

3.29 KB

⊟

2.55 KB

⊟

3.7 KB

⊟

2.07 KB

⊟

9.47 MB

⊟

2.5 MB

Max HTML report size reached

⊟

791 KB

Ordering differences only

⊟

490 KB

⊟

1.16 KB

⊟

1.02 KB

⊟

1.53 MB

⊟

1.53 MB

⊟

722 KB

⊟

722 KB

Ordering differences only

⊟

797 KB

⊟

797 KB

⊟

1.48 MB

⊟

1.48 MB

⊟

860 KB

⊟

860 KB

Ordering differences only

⊟

606 KB

⊟

606 KB

⊟

1.45 MB

⊟

1.45 MB

⊟

857 KB

⊟

857 KB

Ordering differences only

⊟

575 KB

⊟

575 KB

⊟

1.71 MB

⊟

1.71 MB

⊟

993 KB

⊟

992 KB

Ordering differences only

⊟

696 KB

⊟

696 KB

⊟

1.7 MB

⊟

1.7 MB

⊟

990 KB

⊟

990 KB

Ordering differences only

⊟

696 KB

⊟

696 KB

⊟

12.6 MB

⊟

12.6 MB

Max HTML report size reached

⊟

8.95 MB

⊟

8.95 MB

Max HTML report size reached

⊟

8.58 MB

⊟

8.58 MB

Max HTML report size reached

⊟

6.35 MB

⊟

6.35 MB

Max HTML report size reached

⊟

12.3 MB

⊟

12.3 MB

Max HTML report size reached

⊟

8.84 MB

⊟

8.84 MB

Max HTML report size reached

⊟

8.51 MB

⊟

8.51 MB

Max HTML report size reached

⊟

1.98 MB

⊟

1.98 MB

Max HTML report size reached

⊟

6.29 MB

⊟

6.29 MB

Max HTML report size reached

⊟

5.89 KB

⊟

5.79 KB

⊟

1.17 KB

⊟

1.06 KB

⊟

891 KB

⊟

891 KB

⊟

827 KB

⊟

827 KB

Ordering differences only

⊟

27.3 KB

⊟

27.2 KB

⊟

8.75 MB

⊟

8.75 MB

Max HTML report size reached

⊟

2.11 MB

⊟

2.11 MB

Max HTML report size reached

⊟

6.49 MB

⊟

6.49 MB

Max HTML report size reached

⊟

9.94 MB

⊟

9.94 MB

Max HTML report size reached

⊟

2.49 MB

⊟

2.49 MB

Max HTML report size reached

⊟

7.15 MB

⊟

7.15 MB

Max HTML report size reached

⊟

7.96 MB

⊟

7.96 MB

Max HTML report size reached

⊟

1.95 MB

⊟

1.95 MB

Max HTML report size reached

⊟

5.79 MB

⊟

5.79 MB

Max HTML report size reached

⊟

1.58 MB

⊟

1.58 MB

⊟

899 KB

⊟

899 KB

Ordering differences only

⊟

655 KB

⊟

655 KB

⊟

1000 KB

⊟

1000 KB

⊟

528 KB

⊟

528 KB

Ordering differences only

⊟

439 KB

⊟

439 KB

⊟

1.11 MB

⊟

1.11 MB

⊟

646 KB

⊟

645 KB

Ordering differences only

⊟

445 KB

⊟

445 KB

⊟

1.66 MB

⊟

1.66 MB

⊟

1.55 MB

⊟

1.55 MB

Ordering differences only

⊟

43.2 KB

⊟

43.1 KB

⊟

8.7 MB

⊟

8.7 MB

Max HTML report size reached

⊟

1.98 MB

⊟

1.98 MB

Max HTML report size reached

⊟

6.45 MB

⊟

6.45 MB

Max HTML report size reached

⊟

12.6 MB

⊟

12.6 MB

Max HTML report size reached

⊟

3.28 MB

⊟

3.28 MB

Max HTML report size reached

⊟

8.98 MB

⊟

8.98 MB

Max HTML report size reached

⊟

12.4 MB

⊟

12.4 MB

Max HTML report size reached

⊟

3.12 MB

⊟

3.12 MB

Max HTML report size reached

⊟

8.91 MB

⊟

8.91 MB

Max HTML report size reached

⊟

6.41 MB

⊟

6.41 MB

Max HTML report size reached

⊟

1.51 MB

⊟

1.51 MB

Ordering differences only

⊟

4.74 MB

⊟

4.74 MB

Max HTML report size reached

⊟

7.02 MB

⊟

7.02 MB

Max HTML report size reached

⊟

1.72 MB

⊟

1.72 MB

Ordering differences only

⊟

5.09 MB

⊟

5.09 MB

Max HTML report size reached

⊟

7.46 MB

⊟

7.46 MB

Max HTML report size reached

⊟

1.81 MB

⊟

1.81 MB

Max HTML report size reached

⊟

5.45 MB

⊟

5.45 MB

Max HTML report size reached

⊟

741 KB

⊟

741 KB

⊟

93.2 KB

⊟

93.1 KB

Ordering differences only

⊟

627 KB

⊟

626 KB

⊟

1.2 MB

⊟

1.2 MB

⊟

708 KB

⊟

707 KB

Ordering differences only

⊟

474 KB

⊟

474 KB


Offset 1, 6 lines modified		Offset 1, 6 lines modified

1	·74d2~~a1d21d~~01~~e324bb9~~d~~36e48~~3~~3713~~af·153248·admin·optional·ssg-applications_0.1.74-1_all.deb	1	·d93e74f01251a960d60d073d4efaf811·153168·admin·optional·ssg-applications_0.1.74-1_all.deb
2	·ac8190c89a75a5ee928afbdbfeafe241·31300·admin·optional·ssg-base_0.1.74-1_all.deb	2	·ac8190c89a75a5ee928afbdbfeafe241·31300·admin·optional·ssg-base_0.1.74-1_all.deb
3	·2f9f18c58d3cc4ec30138ed6353ace3a·2807904·admin·optional·ssg-debderived_0.1.74-1_all.deb
4	·b9fe4844c9d39eba71edbdc94af39c55·1231984·admin·optional·ssg-debian_0.1.74-1_all.deb
5	·d~~61c9f~~c0~~fcf4d41f9a~~b~~da986b~~6e42~~905~~·32360956·admin·optional·ssg-~~non~~debian_0.1.74-1_all.deb	3	·2db0809c5958efdd2cbbf6dda67d24e3·2809432·admin·optional·ssg-debderived_0.1.74-1_all.deb
		4	·17089fe60e4dfe518949e61653c2f7df·1232524·admin·optional·ssg-debian_0.1.74-1_all.deb
		5	·84cfe3cd1d5d060c5937fd1dcf62830d·32375740·admin·optional·ssg-nondebian_0.1.74-1_all.deb


Offset 1, 3 lines modified		Offset 1, 3 lines modified
1	-rw-r--r--···0········0········0········4·2024-11-02·18:39:34.000000·debian-binary	1	-rw-r--r--···0········0········0········4·2024-11-02·18:39:34.000000·debian-binary
2	-rw-r--r--···0········0········0·····1728·2024-11-02·18:39:34.000000·control.tar.xz	2	-rw-r--r--···0········0········0·····1724·2024-11-02·18:39:34.000000·control.tar.xz
3	-rw-r--r--···0········0········0···151~~328~~·2024-11-02·18:39:34.000000·data.tar.xz	3	-rw-r--r--···0········0········0···151252·2024-11-02·18:39:34.000000·data.tar.xz


Offset 14335, 15 lines modified		Offset 14335, 15 lines modified
00037fe0:·7374·6f72·793c·2f68·323e·3c70·3e43·7572··story</h2><p>Cur		00037fe0:·7374·6f72·793c·2f68·323e·3c70·3e43·7572··story</h2><p>Cur
00037ff0:·7265·6e74·2076·6572·7369·6f6e·3a20·3c73··rent·version:·<s		00037ff0:·7265·6e74·2076·6572·7369·6f6e·3a20·3c73··rent·version:·<s
00038000:·7472·6f6e·673e·302e·312e·3734·3c2f·7374··trong>0.1.74</st		00038000:·7472·6f6e·673e·302e·312e·3734·3c2f·7374··trong>0.1.74</st
00038010:·726f·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69··rong></p><ul><li		00038010:·726f·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69··rong></p><ul><li
00038020:·3e3c·7374·726f·6e67·3e64·7261·6674·3c2f··><strong>draft</		00038020:·3e3c·7374·726f·6e67·3e64·7261·6674·3c2f··><strong>draft</
00038030:·7374·726f·6e67·3e0a·2020·2020·2020·2020··strong>.········		00038030:·7374·726f·6e67·3e0a·2020·2020·2020·2020··strong>.········
00038040:·2020·2020·2020·2020·2020·2020·2861·7320··············(as·		00038040:·2020·2020·2020·2020·2020·2020·2861·7320··············(as·
00038050:·6f66·2032·3032·362d·3031·2d30·3829·0a20··of·2026-01-08).·		00038050:·6f66·2032·3032·342d·3132·2d30·3729·0a20··of·2024-12-07).·
00038060:·2020·2020·2020·2020·2020·2020·2020·203c·················<		00038060:·2020·2020·2020·2020·2020·2020·2020·203c·················<
00038070:·2f6c·693e·3c2f·756c·3e3c·2f64·6976·3e3c··/li></ul></div><		00038070:·2f6c·693e·3c2f·756c·3e3c·2f64·6976·3e3c··/li></ul></div><
00038080:·6832·3e54·6162·6c65·206f·6620·436f·6e74··h2>Table·of·Cont		00038080:·6832·3e54·6162·6c65·206f·6620·436f·6e74··h2>Table·of·Cont
00038090:·656e·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69··ents</h2><ol><li		00038090:·656e·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69··ents</h2><ol><li
000380a0:·3e3c·6120·6872·6566·3d22·2378·6363·6466··><a·href="#xccdf		000380a0:·3e3c·6120·6872·6566·3d22·2378·6363·6466··><a·href="#xccdf
000380b0:·5f6f·7267·2e73·7367·7072·6f6a·6563·742e··_org.ssgproject.		000380b0:·5f6f·7267·2e73·7367·7072·6f6a·6563·742e··_org.ssgproject.
000380c0:·636f·6e74·656e·745f·6772·6f75·705f·6368··content_group_ch		000380c0:·636f·6e74·656e·745f·6772·6f75·705f·6368··content_group_ch


Offset 50, 15 lines modified		Offset 50, 15 lines modified
50	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8	50	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8
51	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Upstream·STIG·for·Google·Chromium	51	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Upstream·STIG·for·Google·Chromium
52	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_stig	52	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_stig
53	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	53	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
54	····*·cpe:/a:google:chromium-browser	54	····*·cpe:/a:google:chromium-browser
55	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	55	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
56	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	56	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
57	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	57	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
58	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	58	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
59	···1.·_\x8C_\x8h_\x8r_\x8o_\x8m_\x8i_\x8u_\x8m	59	···1.·_\x8C_\x8h_\x8r_\x8o_\x8m_\x8i_\x8u_\x8m
60	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8	60	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8
61	Group ·Guide·to·the·Secure·Configuration·of·Chromium· Group·contains·1·group·and·37	61	Group ·Guide·to·the·Secure·Configuration·of·Chromium· Group·contains·1·group·and·37
62	rules	62	rules
63	Group ·Chromium· Group·contains·37·rules	63	Group ·Chromium· Group·contains·37·rules
64	_\x8[_\x8r_\x8e_\x8f_\x8] ·Chromium·is·an·open-source·web·browser,·powered·by·WebKit·(Blink),·and	64	_\x8[_\x8r_\x8e_\x8f_\x8] ·Chromium·is·an·open-source·web·browser,·powered·by·WebKit·(Blink),·and


Offset 14331, 15 lines modified		Offset 14331, 15 lines modified
00037fa0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>		00037fa0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>
00037fb0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:		00037fb0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:
00037fc0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<		00037fc0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<
00037fd0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>		00037fd0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>
00037fe0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf		00037fe0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf
00037ff0:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····		00037ff0:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····
00038000:·2020·2020·2020·2020·2020·2020·2020·2028·················(		00038000:·2020·2020·2020·2020·2020·2020·2020·2028·················(
00038010:·6173·206f·6620·3230·3236·2d30·312d·3038··as·of·2026-01-08		00038010:·6173·206f·6620·3230·3234·2d31·322d·3037··as·of·2024-12-07
00038020:·290a·2020·2020·2020·2020·2020·2020·2020··).··············		00038020:·290a·2020·2020·2020·2020·2020·2020·2020··).··············
00038030:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di		00038030:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di
00038040:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C		00038040:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C
00038050:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>		00038050:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>
00038060:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc		00038060:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc
00038070:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje		00038070:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje
00038080:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group		00038080:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group


Offset 44, 15 lines modified		Offset 44, 15 lines modified
44	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_cis-node	44	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_cis-node
45	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	45	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
46	····*·cpe:/a:amazon:elastic_kubernetes_service_node:1.21	46	····*·cpe:/a:amazon:elastic_kubernetes_service_node:1.21
47	····*·cpe:/o:amazon:elastic_kubernetes_service_node:1	47	····*·cpe:/o:amazon:elastic_kubernetes_service_node:1
48	····*·cpe:/a:amazon:elastic_kubernetes_service:1	48	····*·cpe:/a:amazon:elastic_kubernetes_service:1
49	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	49	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
50	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	50	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
51	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	51	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
52	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	52	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
53	···1.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	53	···1.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
54	·········1.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8K_\x8u_\x8b_\x8e_\x8l_\x8e_\x8t_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	54	·········1.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8K_\x8u_\x8b_\x8e_\x8l_\x8e_\x8t_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
55	·········2.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8-_\x8·_\x8W_\x8o_\x8r_\x8k_\x8e_\x8r_\x8·_\x8N_\x8o_\x8d_\x8e_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	55	·········2.·_\x8K_\x8u_\x8b_\x8e_\x8r_\x8n_\x8e_\x8t_\x8e_\x8s_\x8·_\x8-_\x8·_\x8W_\x8o_\x8r_\x8k_\x8e_\x8r_\x8·_\x8N_\x8o_\x8d_\x8e_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
56	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8	56	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8
57	Group ·Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service	57	Group ·Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service
58	Group·contains·3·groups·and·15·rules	58	Group·contains·3·groups·and·15·rules


Offset 14331, 15 lines modified		Offset 14331, 15 lines modified
00037fa0:·2f68·323e·3c70·3e43·7572·7265·6e74·2076··/h2><p>Current·v		00037fa0:·2f68·323e·3c70·3e43·7572·7265·6e74·2076··/h2><p>Current·v
00037fb0:·6572·7369·6f6e·3a20·3c73·7472·6f6e·673e··ersion:·<strong>		00037fb0:·6572·7369·6f6e·3a20·3c73·7472·6f6e·673e··ersion:·<strong>
00037fc0:·302e·312e·3734·3c2f·7374·726f·6e67·3e3c··0.1.74</strong><		00037fc0:·302e·312e·3734·3c2f·7374·726f·6e67·3e3c··0.1.74</strong><
00037fd0:·2f70·3e3c·756c·3e3c·6c69·3e3c·7374·726f··/p><ul><li><stro		00037fd0:·2f70·3e3c·756c·3e3c·6c69·3e3c·7374·726f··/p><ul><li><stro
00037fe0:·6e67·3e64·7261·6674·3c2f·7374·726f·6e67··ng>draft</strong		00037fe0:·6e67·3e64·7261·6674·3c2f·7374·726f·6e67··ng>draft</strong
00037ff0:·3e0a·2020·2020·2020·2020·2020·2020·2020··>.··············		00037ff0:·3e0a·2020·2020·2020·2020·2020·2020·2020··>.··············
00038000:·2020·2020·2020·2861·7320·6f66·2032·3032········(as·of·202		00038000:·2020·2020·2020·2861·7320·6f66·2032·3032········(as·of·202
00038010:·362d·3031·2d30·3829·0a20·2020·2020·2020··6-01-08).·······		00038010:·342d·3132·2d30·3729·0a20·2020·2020·2020··4-12-07).·······
00038020:·2020·2020·2020·2020·203c·2f6c·693e·3c2f···········</li></		00038020:·2020·2020·2020·2020·203c·2f6c·693e·3c2f···········</li></
00038030:·756c·3e3c·2f64·6976·3e3c·6832·3e54·6162··ul></div><h2>Tab		00038030:·756c·3e3c·2f64·6976·3e3c·6832·3e54·6162··ul></div><h2>Tab
00038040:·6c65·206f·6620·436f·6e74·656e·7473·3c2f··le·of·Contents</		00038040:·6c65·206f·6620·436f·6e74·656e·7473·3c2f··le·of·Contents</
00038050:·6832·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872··h2><ol><li><a·hr		00038050:·6832·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872··h2><ol><li><a·hr
00038060:·6566·3d22·2378·6363·6466·5f6f·7267·2e73··ef="#xccdf_org.s		00038060:·6566·3d22·2378·6363·6466·5f6f·7267·2e73··ef="#xccdf_org.s
00038070:·7367·7072·6f6a·6563·742e·636f·6e74·656e··sgproject.conten		00038070:·7367·7072·6f6a·6563·742e·636f·6e74·656e··sgproject.conten
00038080:·745f·6772·6f75·705f·6f70·656e·7368·6966··t_group_openshif		00038080:·745f·6772·6f75·705f·6f70·656e·7368·6966··t_group_openshif


Offset 14284, 15 lines modified		Offset 14284, 15 lines modified
00037cb0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>		00037cb0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>
00037cc0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:		00037cc0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:
00037cd0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<		00037cd0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<
00037ce0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>		00037ce0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>
00037cf0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf		00037cf0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf
00037d00:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····		00037d00:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····
00037d10:·2020·2020·2020·2020·2020·2020·2020·2028·················(		00037d10:·2020·2020·2020·2020·2020·2020·2020·2028·················(
00037d20:·6173·206f·6620·3230·3236·2d30·312d·3038··as·of·2026-01-08		00037d20:·6173·206f·6620·3230·3234·2d31·322d·3037··as·of·2024-12-07
00037d30:·290a·2020·2020·2020·2020·2020·2020·2020··).··············		00037d30:·290a·2020·2020·2020·2020·2020·2020·2020··).··············
00037d40:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di		00037d40:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di
00037d50:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C		00037d50:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C
00037d60:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>		00037d60:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>
00037d70:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc		00037d70:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc
00037d80:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje		00037d80:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje
00037d90:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group		00037d90:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group


Offset 37, 15 lines modified		Offset 37, 15 lines modified
37	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8	37	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8
38	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·CUSP·-·Common·User·Security·Profile·for·Mozilla·Firefox	38	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·CUSP·-·Common·User·Security·Profile·for·Mozilla·Firefox
39	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_cusp_firefox	39	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_cusp_firefox
40	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	40	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
41	····*·cpe:/a:mozilla:firefox	41	····*·cpe:/a:mozilla:firefox
42	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	42	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
43	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	43	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
44	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	44	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
45	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	45	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
46	···1.·_\x8F_\x8i_\x8r_\x8e_\x8f_\x8o_\x8x	46	···1.·_\x8F_\x8i_\x8r_\x8e_\x8f_\x8o_\x8x
47	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8	47	\x8\x8\x8\x8\x8·C\x8Ch\x8he\x8ec\x8ck\x8kl\x8li\x8is\x8st\x8t·\x8\x8\x8\x8\x8
48	Group ·Guide·to·the·Secure·Configuration·of·Firefox· Group·contains·1·group	48	Group ·Guide·to·the·Secure·Configuration·of·Firefox· Group·contains·1·group
49	and·9·rules	49	and·9·rules
50	Group ·Firefox· Group·contains·9·rules	50	Group ·Firefox· Group·contains·9·rules
51	_\x8[_\x8r_\x8e_\x8f_\x8] ·Firefox·is·an·open-source·web·browser·and·developed·by·Mozilla.·Web	51	_\x8[_\x8r_\x8e_\x8f_\x8] ·Firefox·is·an·open-source·web·browser·and·developed·by·Mozilla.·Web


Offset 14332, 15 lines modified		Offset 14332, 15 lines modified
00037fb0:·2f68·323e·3c70·3e43·7572·7265·6e74·2076··/h2><p>Current·v		00037fb0:·2f68·323e·3c70·3e43·7572·7265·6e74·2076··/h2><p>Current·v
00037fc0:·6572·7369·6f6e·3a20·3c73·7472·6f6e·673e··ersion:·<strong>		00037fc0:·6572·7369·6f6e·3a20·3c73·7472·6f6e·673e··ersion:·<strong>
00037fd0:·302e·312e·3734·3c2f·7374·726f·6e67·3e3c··0.1.74</strong><		00037fd0:·302e·312e·3734·3c2f·7374·726f·6e67·3e3c··0.1.74</strong><
00037fe0:·2f70·3e3c·756c·3e3c·6c69·3e3c·7374·726f··/p><ul><li><stro		00037fe0:·2f70·3e3c·756c·3e3c·6c69·3e3c·7374·726f··/p><ul><li><stro
00037ff0:·6e67·3e64·7261·6674·3c2f·7374·726f·6e67··ng>draft</strong		00037ff0:·6e67·3e64·7261·6674·3c2f·7374·726f·6e67··ng>draft</strong
00038000:·3e0a·2020·2020·2020·2020·2020·2020·2020··>.··············		00038000:·3e0a·2020·2020·2020·2020·2020·2020·2020··>.··············
00038010:·2020·2020·2020·2861·7320·6f66·2032·3032········(as·of·202		00038010:·2020·2020·2020·2861·7320·6f66·2032·3032········(as·of·202
00038020:·362d·3031·2d30·3829·0a20·2020·2020·2020··6-01-08).·······		00038020:·342d·3132·2d30·3729·0a20·2020·2020·2020··4-12-07).·······
00038030:·2020·2020·2020·2020·203c·2f6c·693e·3c2f···········</li></		00038030:·2020·2020·2020·2020·203c·2f6c·693e·3c2f···········</li></
00038040:·756c·3e3c·2f64·6976·3e3c·6832·3e54·6162··ul></div><h2>Tab		00038040:·756c·3e3c·2f64·6976·3e3c·6832·3e54·6162··ul></div><h2>Tab
00038050:·6c65·206f·6620·436f·6e74·656e·7473·3c2f··le·of·Contents</		00038050:·6c65·206f·6620·436f·6e74·656e·7473·3c2f··le·of·Contents</
00038060:·6832·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872··h2><ol><li><a·hr		00038060:·6832·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872··h2><ol><li><a·hr
00038070:·6566·3d22·2378·6363·6466·5f6f·7267·2e73··ef="#xccdf_org.s		00038070:·6566·3d22·2378·6363·6466·5f6f·7267·2e73··ef="#xccdf_org.s
00038080:·7367·7072·6f6a·6563·742e·636f·6e74·656e··sgproject.conten		00038080:·7367·7072·6f6a·6563·742e·636f·6e74·656e··sgproject.conten
00038090:·745f·6772·6f75·705f·6669·7265·666f·7822··t_group_firefox"		00038090:·745f·6772·6f75·705f·6669·7265·666f·7822··t_group_firefox"


Offset 19, 25 lines modified		Offset 19, 25 lines modified
19	····</ds:checklists>	19	····</ds:checklists>
20	····<ds:checks>	20	····<ds:checks>
21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-oval.xml"/>	21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-oval.xml"/>
22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-ocil.xml"/>	22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-ocil.xml"/>
23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-cpe-oval.xml"/>	23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-chromium-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-chromium-cpe-oval.xml"/>
24	····</ds:checks>	24	····</ds:checks>
25	··</ds:data-stream>	25	··</ds:data-stream>
26	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-cpe-dictionary.xml"·timestamp="2024-11-02T06:39:34">	26	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-cpe-dictionary.xml"·timestamp="2024-11-03T08:39:34">
27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">	27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">
28	······<cpe-dict:cpe-item·name="cpe:/a:google:chromium-browser">	28	······<cpe-dict:cpe-item·name="cpe:/a:google:chromium-browser">
29	········<cpe-dict:title·xml:lang="en-us">Google·Chromium·Browser</cpe-dict:title>	29	········<cpe-dict:title·xml:lang="en-us">Google·Chromium·Browser</cpe-dict:title>
30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-chromium-cpe-oval.xml">oval:ssg-installed_app_is_chromium:def:1</cpe-dict:check>	30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-chromium-cpe-oval.xml">oval:ssg-installed_app_is_chromium:def:1</cpe-dict:check>
31	······</cpe-dict:cpe-item>	31	······</cpe-dict:cpe-item>
32	····</cpe-dict:cpe-list>	32	····</cpe-dict:cpe-list>
33	··</ds:component>	33	··</ds:component>
34	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-xccdf.xml"·timestamp="2024-11-02T06:39:34">	34	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-xccdf.xml"·timestamp="2024-11-03T08:39:34">
35	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_CHROMIUM"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">	35	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_CHROMIUM"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">
36	······<xccdf-1.2:status·date="2026-01-08">draft</xccdf-1.2:status>	36	······<xccdf-1.2:status·date="2024-12-07">draft</xccdf-1.2:status>
37	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Chromium</xccdf-1.2:title>	37	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Chromium</xccdf-1.2:title>
38	······<xccdf-1.2:description>	38	······<xccdf-1.2:description>
39	········This·guide·presents·a·catalog·of·security-relevant	39	········This·guide·presents·a·catalog·of·security-relevant
40	configuration·settings·for·Chromium.·It·is·a·rendering·of	40	configuration·settings·for·Chromium.·It·is·a·rendering·of
41	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)	41	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)
42	in·order·to·support·security·automation.··The·SCAP·content·is	42	in·order·to·support·security·automation.··The·SCAP·content·is
43	is·available·in·the	43	is·available·in·the
Offset 1666, 15 lines modified		Offset 1666, 15 lines modified
1666	··········<xccdf-1.2:check·system="http://scap.nist.gov/schema/ocil/2">	1666	··········<xccdf-1.2:check·system="http://scap.nist.gov/schema/ocil/2">
1667	············<xccdf-1.2:check-content-ref·href="ssg-chromium-ocil.xml"·name="ocil:ssg-chromium_whitelist_plugin_urls_ocil:questionnaire:1"/>	1667	············<xccdf-1.2:check-content-ref·href="ssg-chromium-ocil.xml"·name="ocil:ssg-chromium_whitelist_plugin_urls_ocil:questionnaire:1"/>
1668	··········</xccdf-1.2:check>	1668	··········</xccdf-1.2:check>
1669	········</xccdf-1.2:Rule>	1669	········</xccdf-1.2:Rule>
1670	······</xccdf-1.2:Group>	1670	······</xccdf-1.2:Group>
1671	····</xccdf-1.2:Benchmark>	1671	····</xccdf-1.2:Benchmark>
1672	··</ds:component>	1672	··</ds:component>
1673	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-oval.xml"·timestamp="2024-11-02T06:39:34">	1673	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-oval.xml"·timestamp="2024-11-03T08:39:34">
1674	····<oval-def:oval_definitions·xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5·oval-common-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5·oval-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#independent·independent-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#unix·unix-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#linux·linux-definitions-schema.xsd">	1674	····<oval-def:oval_definitions·xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5·oval-common-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5·oval-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#independent·independent-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#unix·unix-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#linux·linux-definitions-schema.xsd">
1675	······<oval-def:generator>	1675	······<oval-def:generator>
1676	········<oval:product_name>OVALFileLinker·from·SCAP·Security·Guide</oval:product_name>	1676	········<oval:product_name>OVALFileLinker·from·SCAP·Security·Guide</oval:product_name>
1677	········<oval:product_version>ssg:·[0,·1,·74],·python:·3.12.7</oval:product_version>	1677	········<oval:product_version>ssg:·[0,·1,·74],·python:·3.12.7</oval:product_version>
1678	········<oval:schema_version>5.11</oval:schema_version>	1678	········<oval:schema_version>5.11</oval:schema_version>
1679	········<oval:timestamp>2024-11-02T18:39:34</oval:timestamp>	1679	········<oval:timestamp>2024-11-02T18:39:34</oval:timestamp>
1680	······</oval-def:generator>	1680	······</oval-def:generator>
Offset 2530, 368 lines modified		Offset 2530, 368 lines modified
2530	········<oval-def:external_variable·id="oval:ssg-var_enable_encrypted_searching:var:1"·version="1"·datatype="string"·comment="Expected·search·provider·name"/>	2530	········<oval-def:external_variable·id="oval:ssg-var_enable_encrypted_searching:var:1"·version="1"·datatype="string"·comment="Expected·search·provider·name"/>
2531	········<oval-def:external_variable·id="oval:ssg-var_extension_whitelist:var:1"·version="1"·datatype="string"·comment="Expected·approved·extensions"/>	2531	········<oval-def:external_variable·id="oval:ssg-var_extension_whitelist:var:1"·version="1"·datatype="string"·comment="Expected·approved·extensions"/>
2532	········<oval-def:external_variable·id="oval:ssg-var_auth_schema:var:1"·version="1"·datatype="string"·comment="Expected·HTTP·authentication·type"/>	2532	········<oval-def:external_variable·id="oval:ssg-var_auth_schema:var:1"·version="1"·datatype="string"·comment="Expected·HTTP·authentication·type"/>
2533	········<oval-def:external_variable·id="oval:ssg-var_trusted_home_page:var:1"·version="1"·datatype="string"·comment="Expected·home·page"/>	2533	········<oval-def:external_variable·id="oval:ssg-var_trusted_home_page:var:1"·version="1"·datatype="string"·comment="Expected·home·page"/>
2534	······</oval-def:variables>	2534	······</oval-def:variables>
2535	····</oval-def:oval_definitions>	2535	····</oval-def:oval_definitions>
2536	··</ds:component>	2536	··</ds:component>
2537	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-ocil.xml"·timestamp="2024-11-02T06:39:34">	2537	··<ds:component·id="scap_org.open-scap_comp_ssg-chromium-ocil.xml"·timestamp="2024-11-03T08:39:34">
2538	····<ocil:ocil>	2538	····<ocil:ocil>
2539	······<ocil:generator>	2539	······<ocil:generator>
2540	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	2540	········<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
2541	········<ocil:product_version>ssg:·0.1.74</ocil:product_version>	2541	········<ocil:product_version>ssg:·0.1.74</ocil:product_version>
2542	········<ocil:schema_version>2.0</ocil:schema_version>	2542	········<ocil:schema_version>2.0</ocil:schema_version>
2543	········<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	2543	········<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
2544	······</ocil:generator>	2544	······</ocil:generator>
2545	······<ocil:questionnaires>	2545	······<ocil:questionnaires>
2546	········<ocil:questionnaire·id="ocil:ssg-chromium_default~~_se~~arch_provider_ocil:questionnaire:1">	2546	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_thirdparty_cookies_ocil:questionnaire:1">
		2547	··········<ocil:title>Disable·3rd·Party·Cookies</ocil:title>
2547	··········<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
2548	··········<ocil:actions>
2549	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
2550	··········</ocil:actions>
2551	········</ocil:questionnaire>
2552	········<ocil:questionnaire·id="ocil:ssg-chromium_extension_whitelist_ocil:questionnaire:1">
2553	··········<ocil:title>Enable·Only·Approved·Extensions</ocil:title>
2554	··········<ocil:actions>	2548	··········<ocil:actions>
2555	············<ocil:test_action_ref>ocil:ssg-chromium_ext~~ension_whitel~~ist_action:testaction:1</ocil:test_action_ref>	2549	············<ocil:test_action_ref>ocil:ssg-chromium_disable_thirdparty_cookies_action:testaction:1</ocil:test_action_ref>
2556	··········</ocil:actions>	2550	··········</ocil:actions>
2557	········</ocil:questionnaire>	2551	········</ocil:questionnaire>
2558	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_metric~~s_repor~~ting_ocil:questionnaire:1">	2552	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">
2559	··········<ocil:title>Disable·Metrics·~~Repor~~ting</ocil:title>	2553	··········<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>
2560	··········<ocil:actions>	2554	··········<ocil:actions>
2561	············<ocil:test_action_ref>ocil:ssg-chromium_disable_metric~~s_repor~~ting_action:testaction:1</ocil:test_action_ref>	2555	············<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>
2562	··········</ocil:actions>	2556	··········</ocil:actions>
2563	········</ocil:questionnaire>	2557	········</ocil:questionnaire>
2564	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_a~~utoc~~o~~mpl~~ete_ocil:questionnaire:1">	2558	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_name_ocil:questionnaire:1">
2565	··········<ocil:title>~~Disabl~~e·the·Aut~~oFill~~·Fe~~ature~~</ocil:title>	2559	··········<ocil:title>Set·the·Default·Search·Provider's·URL</ocil:title>
2566	··········<ocil:actions>	2560	··········<ocil:actions>
2567	············<ocil:test_action_ref>ocil:ssg-chromium_disable_a~~utoc~~o~~mpl~~ete_action:testaction:1</ocil:test_action_ref>	2561	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_name_action:testaction:1</ocil:test_action_ref>
2568	··········</ocil:actions>	2562	··········</ocil:actions>
2569	········</ocil:questionnaire>	2563	········</ocil:questionnaire>
2570	········<ocil:questionnaire·id="ocil:ssg-chromium_disallow_locat~~ion~~_tr~~acking~~_ocil:questionnaire:1">	2564	········<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_ocil:questionnaire:1">
2571	··········<ocil:title>Disable·~~Loc~~at~~ion~~·Tr~~acking~~</ocil:title>	2565	··········<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
2572	··········<ocil:actions>	2566	··········<ocil:actions>
2573	············<ocil:test_action_ref>ocil:ssg-chromium_disallow_locat~~ion~~_tr~~acking~~_action:testaction:1</ocil:test_action_ref>	2567	············<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
2574	··········</ocil:actions>	2568	··········</ocil:actions>
2575	········</ocil:questionnaire>	2569	········</ocil:questionnaire>
2576	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~prot~~o~~col~~_~~schema~~s_ocil:questionnaire:1">	2570	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_approved_plugins_ocil:questionnaire:1">
2577	··········<ocil:title>Disable·In~~secu~~re·A~~nd·Obs~~olete·P~~rotoco~~l~~·Schema~~s</ocil:title>	2571	··········<ocil:title>Enable·Only·Approved·Plugins</ocil:title>
2578	··········<ocil:actions>	2572	··········<ocil:actions>
2579	············<ocil:test_action_ref>ocil:ssg-chromium_disable_~~prot~~o~~col~~_~~schema~~s_action:testaction:1</ocil:test_action_ref>	2573	············<ocil:test_action_ref>ocil:ssg-chromium_enable_approved_plugins_action:testaction:1</ocil:test_action_ref>
2580	··········</ocil:actions>	2574	··········</ocil:actions>
2581	········</ocil:questionnaire>	2575	········</ocil:questionnaire>
2582	········<ocil:questionnaire·id="ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_ocil:questionnaire:1">	2576	········<ocil:questionnaire·id="ocil:ssg-chromium_trusted_home_page_ocil:questionnaire:1">
2583	··········<ocil:title>~~Disabl~~e·~~Clo~~u~~d·Print~~·Sharing</ocil:title>	2577	··········<ocil:title>Set·the·Default·Home·Page</ocil:title>
2584	··········<ocil:actions>	2578	··········<ocil:actions>
2585	············<ocil:test_action_ref>ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_action:testaction:1</ocil:test_action_ref>	2579	············<ocil:test_action_ref>ocil:ssg-chromium_trusted_home_page_action:testaction:1</ocil:test_action_ref>
2586	··········</ocil:actions>	2580	··········</ocil:actions>
2587	········</ocil:questionnaire>	2581	········</ocil:questionnaire>
2588	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_sea~~rch~~_su~~gge~~s~~tion~~s_ocil:questionnaire:1">	2582	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_saved_passwords_ocil:questionnaire:1">
2589	··········<ocil:title>Disable·Sea~~rch~~·S~~uggestion~~</ocil:title>	2583	··········<ocil:title>Disable·Saved·Passwords</ocil:title>
2590	··········<ocil:actions>	2584	··········<ocil:actions>
2591	············<ocil:test_action_ref>ocil:ssg-chromium_disable_sea~~rch~~_su~~gge~~s~~tion~~s_action:testaction:1</ocil:test_action_ref>	2585	············<ocil:test_action_ref>ocil:ssg-chromium_disable_saved_passwords_action:testaction:1</ocil:test_action_ref>
2592	··········</ocil:actions>	2586	··········</ocil:actions>
2593	········</ocil:questionnaire>	2587	········</ocil:questionnaire>
2594	········<ocil:questionnaire·id="ocil:ssg-chromium_enable_~~brows~~er_history_ocil:questionnaire:1">	2588	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_cleartext_passwords_ocil:questionnaire:1">
2595	··········<ocil:title>Enable·~~Saving~~·the·Br~~owser·Hi~~story</ocil:title>	2589	··········<ocil:title>Disable·Use·of·Cleartext·Passwords</ocil:title>
2596	··········<ocil:actions>	2590	··········<ocil:actions>
2597	············<ocil:test_action_ref>ocil:ssg-chromium_enable_~~brows~~er_history_action:testaction:1</ocil:test_action_ref>	2591	············<ocil:test_action_ref>ocil:ssg-chromium_disable_cleartext_passwords_action:testaction:1</ocil:test_action_ref>
2598	··········</ocil:actions>	2592	··········</ocil:actions>
2599	········</ocil:questionnaire>	2593	········</ocil:questionnaire>
2600	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_auto~~matic_in~~s~~tallation~~_ocil:questionnaire:1">	2594	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_popups_ocil:questionnaire:1">
2601	··········<ocil:title>Disable·~~Automatic·Search·And·Installation~~·o~~f·P~~lugins</ocil:title>	2595	··········<ocil:title>Disable·Popups</ocil:title>
2602	··········<ocil:actions>	2596	··········<ocil:actions>
2603	············<ocil:test_action_ref>ocil:ssg-chromium_disable_auto~~matic_in~~s~~tallation~~_action:testaction:1</ocil:test_action_ref>	2597	············<ocil:test_action_ref>ocil:ssg-chromium_disable_popups_action:testaction:1</ocil:test_action_ref>
2604	··········</ocil:actions>	2598	··········</ocil:actions>
2605	········</ocil:questionnaire>	2599	········</ocil:questionnaire>
2606	········<ocil:questionnaire·id="ocil:ssg-chromium_~~trust~~e~~d_h~~ome_page_ocil:questionnaire:1">	2600	········<ocil:questionnaire·id="ocil:ssg-chromium_disable_password_manager_ocil:questionnaire:1">
2607	··········<ocil:title>~~Set·th~~e·~~Defa~~u~~lt·H~~ome·Page</ocil:title>	2601	··········<ocil:title>Disable·Chromium·Password·Manager</ocil:title>
2608	··········<ocil:actions>	2602	··········<ocil:actions>
2609	············<ocil:test_action_ref>ocil:ssg-chromium_~~trust~~e~~d_h~~ome_page_action:testaction:1</ocil:test_action_ref>	2603	············<ocil:test_action_ref>ocil:ssg-chromium_disable_password_manager_action:testaction:1</ocil:test_action_ref>
2610	··········</ocil:actions>	2604	··········</ocil:actions>
2611	········</ocil:questionnaire>	2605	········</ocil:questionnaire>
2612	········<ocil:questionnaire·id="ocil:ssg-chromium_~~enable_~~e~~ncry~~p~~ted_search~~ing_ocil:questionnaire:1">	2606	········<ocil:questionnaire·id="ocil:ssg-chromium_block_desktop_notifications_ocil:questionnaire:1">
2613	··········<ocil:title>E~~nabl~~e~~·Encryp~~ted·~~Sear~~ching</ocil:title>	2607	··········<ocil:title>Prevent·Desktop·Notifications</ocil:title>
Max diff block lines reached; 68528/80743 bytes (84.87%) of diff not shown.


Offset 3, 359 lines modified		Offset 3, 359 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-chromium_default~~_se~~arch_provider_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_thirdparty_cookies_ocil:questionnaire:1">
		11	······<ocil:title>Disable·3rd·Party·Cookies</ocil:title>
11	······<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-chromium_extension_whitelist_ocil:questionnaire:1">
17	······<ocil:title>Enable·Only·Approved·Extensions</ocil:title>
18	······<ocil:actions>	12	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-chromium_ext~~ension_whitel~~ist_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-chromium_disable_thirdparty_cookies_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>	14	······</ocil:actions>
21	····</ocil:questionnaire>	15	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_metric~~s_repor~~ting_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_automatic_installation_ocil:questionnaire:1">
23	······<ocil:title>Disable·Metrics·~~Repor~~ting</ocil:title>	17	······<ocil:title>Disable·Automatic·Search·And·Installation·of·Plugins</ocil:title>
24	······<ocil:actions>	18	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-chromium_disable_metric~~s_repor~~ting_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-chromium_disable_automatic_installation_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	20	······</ocil:actions>
27	····</ocil:questionnaire>	21	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_a~~utoc~~o~~mpl~~ete_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_name_ocil:questionnaire:1">
29	······<ocil:title>~~Disabl~~e·the·Aut~~oFill~~·Fe~~ature~~</ocil:title>	23	······<ocil:title>Set·the·Default·Search·Provider's·URL</ocil:title>
30	······<ocil:actions>	24	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-chromium_disable_a~~utoc~~o~~mpl~~ete_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_name_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	26	······</ocil:actions>
33	····</ocil:questionnaire>	27	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-chromium_disallow_locat~~ion~~_tr~~acking~~_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-chromium_default_search_provider_ocil:questionnaire:1">
35	······<ocil:title>Disable·~~Loc~~at~~ion~~·Tr~~acking~~</ocil:title>	29	······<ocil:title>Enable·the·Default·Search·Provider</ocil:title>
36	······<ocil:actions>	30	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-chromium_disallow_locat~~ion~~_tr~~acking~~_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-chromium_default_search_provider_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	32	······</ocil:actions>
39	····</ocil:questionnaire>	33	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~prot~~o~~col~~_~~schema~~s_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_approved_plugins_ocil:questionnaire:1">
41	······<ocil:title>Disable·In~~secu~~re·A~~nd·Obs~~olete·P~~rotoco~~l~~·Schema~~s</ocil:title>	35	······<ocil:title>Enable·Only·Approved·Plugins</ocil:title>
42	······<ocil:actions>	36	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~prot~~o~~col~~_~~schema~~s_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-chromium_enable_approved_plugins_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	38	······</ocil:actions>
45	····</ocil:questionnaire>	39	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-chromium_trusted_home_page_ocil:questionnaire:1">
47	······<ocil:title>~~Disabl~~e·~~Clo~~u~~d·Print~~·Sharing</ocil:title>	41	······<ocil:title>Set·the·Default·Home·Page</ocil:title>
48	······<ocil:actions>	42	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-chromium_d~~isabl~~e~~_clou~~d_p~~rint~~_sharing_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-chromium_trusted_home_page_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	44	······</ocil:actions>
51	····</ocil:questionnaire>	45	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_sea~~rch~~_su~~gge~~s~~tion~~s_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_saved_passwords_ocil:questionnaire:1">
53	······<ocil:title>Disable·Sea~~rch~~·S~~uggestion~~</ocil:title>	47	······<ocil:title>Disable·Saved·Passwords</ocil:title>
54	······<ocil:actions>	48	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-chromium_disable_sea~~rch~~_su~~gge~~s~~tion~~s_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-chromium_disable_saved_passwords_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	50	······</ocil:actions>
57	····</ocil:questionnaire>	51	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_~~brows~~er_history_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_cleartext_passwords_ocil:questionnaire:1">
59	······<ocil:title>Enable·~~Saving~~·the·Br~~owser·Hi~~story</ocil:title>	53	······<ocil:title>Disable·Use·of·Cleartext·Passwords</ocil:title>
60	······<ocil:actions>	54	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-chromium_enable_~~brows~~er_history_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-chromium_disable_cleartext_passwords_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	56	······</ocil:actions>
63	····</ocil:questionnaire>	57	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_auto~~matic_in~~s~~tallation~~_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_popups_ocil:questionnaire:1">
65	······<ocil:title>Disable·~~Automatic·Search·And·Installation~~·o~~f·P~~lugins</ocil:title>	59	······<ocil:title>Disable·Popups</ocil:title>
66	······<ocil:actions>	60	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-chromium_disable_auto~~matic_in~~s~~tallation~~_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-chromium_disable_popups_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	62	······</ocil:actions>
69	····</ocil:questionnaire>	63	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-chromium_~~trust~~e~~d_h~~ome_page_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_password_manager_ocil:questionnaire:1">
71	······<ocil:title>~~Set·th~~e·~~Defa~~u~~lt·H~~ome·Page</ocil:title>	65	······<ocil:title>Disable·Chromium·Password·Manager</ocil:title>
72	······<ocil:actions>	66	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-chromium_~~trust~~e~~d_h~~ome_page_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-chromium_disable_password_manager_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	68	······</ocil:actions>
75	····</ocil:questionnaire>	69	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-chromium_~~enable_~~e~~ncry~~p~~ted_search~~ing_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-chromium_block_desktop_notifications_ocil:questionnaire:1">
77	······<ocil:title>E~~nabl~~e~~·Encryp~~ted·~~Sear~~ching</ocil:title>	71	······<ocil:title>Prevent·Desktop·Notifications</ocil:title>
78	······<ocil:actions>	72	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-chromium_~~enable_~~e~~ncry~~p~~ted_search~~ing_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-chromium_block_desktop_notifications_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	74	······</ocil:actions>
81	····</ocil:questionnaire>	75	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~outdated_plug~~ins_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_plugin_blacklist_ocil:questionnaire:1">
83	······<ocil:title>Disable·~~Outdated~~·Plugins</ocil:title>	77	······<ocil:title>Disable·All·Plugins·by·Default</ocil:title>
84	······<ocil:actions>	78	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~outdated_plug~~ins_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-chromium_disable_plugin_blacklist_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	80	······</ocil:actions>
87	····</ocil:questionnaire>	81	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-chromium_~~check~~_cert_~~rev~~ocation_ocil:questionnaire:1">	82	····<ocil:questionnaire·id="ocil:ssg-chromium_plugins_require_authorization_ocil:questionnaire:1">
89	······<ocil:title>~~Enabl~~e·O~~nlin~~e~~·OCSP/CRL~~·C~~ertifica~~te~~·Checks~~</ocil:title>	83	······<ocil:title>Require·Outdated·Plugins·to·be·Authorized</ocil:title>
90	······<ocil:actions>	84	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-chromium_~~check~~_cert_~~rev~~ocation_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-chromium_plugins_require_authorization_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	86	······</ocil:actions>
93	····</ocil:questionnaire>	87	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_background_processing_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_background_processing_ocil:questionnaire:1">
95	······<ocil:title>Disable·Background·Processing</ocil:title>	89	······<ocil:title>Disable·Background·Processing</ocil:title>
96	······<ocil:actions>	90	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-chromium_disable_background_processing_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-chromium_disable_background_processing_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	92	······</ocil:actions>
99	····</ocil:questionnaire>	93	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_inc~~ognito~~_~~mode~~_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-chromium_enable_encrypted_searching_ocil:questionnaire:1">
101	······<ocil:title>Disable·Inc~~ognito~~·~~Mode~~</ocil:title>	95	······<ocil:title>Enable·Encrypted·Searching</ocil:title>
102	······<ocil:actions>	96	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-chromium_disable_inc~~ognito~~_~~mode~~_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-chromium_enable_encrypted_searching_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	98	······</ocil:actions>
105	····</ocil:questionnaire>	99	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~sess~~io~~n_cookies~~_ocil:questionnaire:1">	100	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_google_sync_ocil:questionnaire:1">
107	······<ocil:title>Disable·S~~ess~~ion·Coo~~kies~~</ocil:title>	101	······<ocil:title>Disable·Data·Synchronization·to·Google</ocil:title>
108	······<ocil:actions>	102	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~sess~~io~~n_cookies~~_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-chromium_disable_google_sync_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	104	······</ocil:actions>
111	····</ocil:questionnaire>	105	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_f~~irewall~~_~~traver~~sal_ocil:questionnaire:1">	106	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_session_cookies_ocil:questionnaire:1">
113	······<ocil:title>Disable·~~Chromiu~~m's~~·Abi~~lity·to~~·Traverse~~·Fire~~wall~~s</ocil:title>	107	······<ocil:title>Disable·Session·Cookies</ocil:title>
114	······<ocil:actions>	108	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-chromium_disable_f~~irewall~~_~~traver~~sal_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-chromium_disable_session_cookies_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	110	······</ocil:actions>
117	····</ocil:questionnaire>	111	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_3d_graphics_api_ocil:questionnaire:1">	112	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_3d_graphics_api_ocil:questionnaire:1">
119	······<ocil:title>Disable·the·3D·Graphics·APIs</ocil:title>	113	······<ocil:title>Disable·the·3D·Graphics·APIs</ocil:title>
120	······<ocil:actions>	114	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-chromium_disable_3d_graphics_api_action:testaction:1</ocil:test_action_ref>	115	········<ocil:test_action_ref>ocil:ssg-chromium_disable_3d_graphics_api_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	116	······</ocil:actions>
123	····</ocil:questionnaire>	117	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_~~saved_passw~~ords_ocil:questionnaire:1">	118	····<ocil:questionnaire·id="ocil:ssg-chromium_disable_metrics_reporting_ocil:questionnaire:1">
125	······<ocil:title>Disable·~~Saved·Passw~~ords</ocil:title>	119	······<ocil:title>Disable·Metrics·Reporting</ocil:title>
126	······<ocil:actions>	120	······<ocil:actions>
127	········<ocil:test_action_ref>ocil:ssg-chromium_disable_~~saved_passw~~ords_action:testaction:1</ocil:test_action_ref>	121	········<ocil:test_action_ref>ocil:ssg-chromium_disable_metrics_reporting_action:testaction:1</ocil:test_action_ref>
128	······</ocil:actions>	122	······</ocil:actions>
Max diff block lines reached; 59807/71782 bytes (83.32%) of diff not shown.


Offset 19, 15 lines modified		Offset 19, 15 lines modified
19	····</ds:checklists>	19	····</ds:checklists>
20	····<ds:checks>	20	····<ds:checks>
21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-oval.xml"/>	21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-oval.xml"/>
22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-ocil.xml"/>	22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-ocil.xml"/>
23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-cpe-oval.xml"/>	23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-eks-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-eks-cpe-oval.xml"/>
24	····</ds:checks>	24	····</ds:checks>
25	··</ds:data-stream>	25	··</ds:data-stream>
26	··<ds:component·id="scap_org.open-scap_comp_ssg-eks-cpe-dictionary.xml"·timestamp="2024-11-02T06:39:34">	26	··<ds:component·id="scap_org.open-scap_comp_ssg-eks-cpe-dictionary.xml"·timestamp="2024-11-03T08:39:34">
27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">	27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">
28	······<cpe-dict:cpe-item·name="cpe:/a:amazon:elastic_kubernetes_service:1">	28	······<cpe-dict:cpe-item·name="cpe:/a:amazon:elastic_kubernetes_service:1">
29	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service</cpe-dict:title>	29	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service</cpe-dict:title>
30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml">oval:ssg-installed_app_is_eks:def:1</cpe-dict:check>	30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml">oval:ssg-installed_app_is_eks:def:1</cpe-dict:check>
31	······</cpe-dict:cpe-item>	31	······</cpe-dict:cpe-item>
32	······<cpe-dict:cpe-item·name="cpe:/a:amazon:elastic_kubernetes_service_node:1.21">	32	······<cpe-dict:cpe-item·name="cpe:/a:amazon:elastic_kubernetes_service_node:1.21">
33	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service·1.21</cpe-dict:title>	33	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service·1.21</cpe-dict:title>
Offset 35, 17 lines modified		Offset 35, 17 lines modified
35	······</cpe-dict:cpe-item>	35	······</cpe-dict:cpe-item>
36	······<cpe-dict:cpe-item·name="cpe:/o:amazon:elastic_kubernetes_service_node:1">	36	······<cpe-dict:cpe-item·name="cpe:/o:amazon:elastic_kubernetes_service_node:1">
37	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service·Node</cpe-dict:title>	37	········<cpe-dict:title·xml:lang="en-us">Amazon·Elastic·Kubernetes·Service·Node</cpe-dict:title>
38	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml">oval:ssg-installed_app_is_eks_node:def:1</cpe-dict:check>	38	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml">oval:ssg-installed_app_is_eks_node:def:1</cpe-dict:check>
39	······</cpe-dict:cpe-item>	39	······</cpe-dict:cpe-item>
40	····</cpe-dict:cpe-list>	40	····</cpe-dict:cpe-list>
41	··</ds:component>	41	··</ds:component>
42	··<ds:component·id="scap_org.open-scap_comp_ssg-eks-xccdf.xml"·timestamp="2024-11-02T06:39:34">	42	··<ds:component·id="scap_org.open-scap_comp_ssg-eks-xccdf.xml"·timestamp="2024-11-03T08:39:34">
43	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_EKS"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">	43	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_EKS"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">
44	······<xccdf-1.2:status·date="2026-01-08">draft</xccdf-1.2:status>	44	······<xccdf-1.2:status·date="2024-12-07">draft</xccdf-1.2:status>
45	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service</xccdf-1.2:title>	45	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service</xccdf-1.2:title>
46	······<xccdf-1.2:description>	46	······<xccdf-1.2:description>
47	········This·guide·presents·a·catalog·of·security-relevant	47	········This·guide·presents·a·catalog·of·security-relevant
48	configuration·settings·for·Amazon·Elastic·Kubernetes·Service.·It·is·a·rendering·of	48	configuration·settings·for·Amazon·Elastic·Kubernetes·Service.·It·is·a·rendering·of
49	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)	49	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)
50	in·order·to·support·security·automation.··The·SCAP·content·is	50	in·order·to·support·security·automation.··The·SCAP·content·is
51	is·available·in·the	51	is·available·in·the
Offset 113, 24 lines modified		Offset 113, 24 lines modified
113	······<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os">os-srg</xccdf-1.2:reference>	113	······<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os">os-srg</xccdf-1.2:reference>
114	······<xccdf-1.2:reference·href="https://www.niap-ccevs.org/Profile/PP.cfm">ospp</xccdf-1.2:reference>	114	······<xccdf-1.2:reference·href="https://www.niap-ccevs.org/Profile/PP.cfm">ospp</xccdf-1.2:reference>
115	······<xccdf-1.2:reference·href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf">pcidss</xccdf-1.2:reference>	115	······<xccdf-1.2:reference·href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf">pcidss</xccdf-1.2:reference>
116	······<xccdf-1.2:reference·href="https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf">pcidss4</xccdf-1.2:reference>	116	······<xccdf-1.2:reference·href="https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf">pcidss4</xccdf-1.2:reference>


Offset 1, 10 lines modified		Offset 1, 10 lines modified
1	<?xml·version="1.0"·encoding="utf-8"?>	1	<?xml·version="1.0"·encoding="utf-8"?>
2	<xccdf-1.2:Benchmark·xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"·xmlns:dc="http://purl.org/dc/elements/1.1/"·xmlns:html="http://www.w3.org/1999/xhtml"·xmlns:xccdf-1.2="http://checklists.nist.gov/xccdf/1.2"·xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"·id="xccdf_org.ssgproject.content_benchmark_EKS"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">	2	<xccdf-1.2:Benchmark·xmlns:cpe-lang="http://cpe.mitre.org/language/2.0"·xmlns:dc="http://purl.org/dc/elements/1.1/"·xmlns:html="http://www.w3.org/1999/xhtml"·xmlns:xccdf-1.2="http://checklists.nist.gov/xccdf/1.2"·xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"·id="xccdf_org.ssgproject.content_benchmark_EKS"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">
3	··<xccdf-1.2:status·date="2026-01-08">draft</xccdf-1.2:status>	3	··<xccdf-1.2:status·date="2024-12-07">draft</xccdf-1.2:status>
4	··<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service</xccdf-1.2:title>	4	··<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Amazon·Elastic·Kubernetes·Service</xccdf-1.2:title>
5	··<xccdf-1.2:description>	5	··<xccdf-1.2:description>
6	····This·guide·presents·a·catalog·of·security-relevant	6	····This·guide·presents·a·catalog·of·security-relevant
7	configuration·settings·for·Amazon·Elastic·Kubernetes·Service.·It·is·a·rendering·of	7	configuration·settings·for·Amazon·Elastic·Kubernetes·Service.·It·is·a·rendering·of
8	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)	8	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)
9	in·order·to·support·security·automation.··The·SCAP·content·is	9	in·order·to·support·security·automation.··The·SCAP·content·is
10	is·available·in·the	10	is·available·in·the
Offset 72, 24 lines modified		Offset 72, 24 lines modified
72	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os">os-srg</xccdf-1.2:reference>	72	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os">os-srg</xccdf-1.2:reference>
73	··<xccdf-1.2:reference·href="https://www.niap-ccevs.org/Profile/PP.cfm">ospp</xccdf-1.2:reference>	73	··<xccdf-1.2:reference·href="https://www.niap-ccevs.org/Profile/PP.cfm">ospp</xccdf-1.2:reference>
74	··<xccdf-1.2:reference·href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf">pcidss</xccdf-1.2:reference>	74	··<xccdf-1.2:reference·href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf">pcidss</xccdf-1.2:reference>
75	··<xccdf-1.2:reference·href="https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf">pcidss4</xccdf-1.2:reference>	75	··<xccdf-1.2:reference·href="https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf">pcidss4</xccdf-1.2:reference>
76	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux">stigid</xccdf-1.2:reference>	76	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux">stigid</xccdf-1.2:reference>
77	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/srg-stig-tools/">stigref</xccdf-1.2:reference>	77	··<xccdf-1.2:reference·href="https://public.cyber.mil/stigs/srg-stig-tools/">stigref</xccdf-1.2:reference>
78	··<cpe-lang:platform-specification>	78	··<cpe-lang:platform-specification>
79	····<cpe-lang:platform·id="not_ocp4-on-hypershift">
80	······<cpe-lang:logical-test·operator="AND"·negate="true">
81	········<cpe-lang:check-fact-ref·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml"·id-ref="oval:ssg-installed_app_is_ocp4_on_hypershift:def:1"/>
82	······</cpe-lang:logical-test>
83	····</cpe-lang:platform>
84	····<cpe-lang:platform·id="eks-node">	79	····<cpe-lang:platform·id="eks-node">
85	······<cpe-lang:logical-test·operator="AND"·negate="false">	80	······<cpe-lang:logical-test·operator="AND"·negate="false">
86	········<cpe-lang:check-fact-ref·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml"·id-ref="oval:ssg-installed_app_is_eks_node:def:1"/>	81	········<cpe-lang:check-fact-ref·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml"·id-ref="oval:ssg-installed_app_is_eks_node:def:1"/>
87	······</cpe-lang:logical-test>	82	······</cpe-lang:logical-test>
88	····</cpe-lang:platform>	83	····</cpe-lang:platform>
		84	····<cpe-lang:platform·id="not_ocp4-on-hypershift">
		85	······<cpe-lang:logical-test·operator="AND"·negate="true">
		86	········<cpe-lang:check-fact-ref·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-eks-cpe-oval.xml"·id-ref="oval:ssg-installed_app_is_ocp4_on_hypershift:def:1"/>
		87	······</cpe-lang:logical-test>
		88	····</cpe-lang:platform>
89	··</cpe-lang:platform-specification>	89	··</cpe-lang:platform-specification>
90	··<xccdf-1.2:platform·idref="cpe:/a:amazon:elastic_kubernetes_service_node:1.21"/>	90	··<xccdf-1.2:platform·idref="cpe:/a:amazon:elastic_kubernetes_service_node:1.21"/>
91	··<xccdf-1.2:platform·idref="cpe:/o:amazon:elastic_kubernetes_service_node:1"/>	91	··<xccdf-1.2:platform·idref="cpe:/o:amazon:elastic_kubernetes_service_node:1"/>
92	··<xccdf-1.2:platform·idref="cpe:/a:amazon:elastic_kubernetes_service:1"/>	92	··<xccdf-1.2:platform·idref="cpe:/a:amazon:elastic_kubernetes_service:1"/>
93	··<xccdf-1.2:version·update="https://github.com/ComplianceAsCode/content/releases/latest">0.1.74</xccdf-1.2:version>	93	··<xccdf-1.2:version·update="https://github.com/ComplianceAsCode/content/releases/latest">0.1.74</xccdf-1.2:version>


Offset 19, 25 lines modified		Offset 19, 25 lines modified
19	····</ds:checklists>	19	····</ds:checklists>
20	····<ds:checks>	20	····<ds:checks>
21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-oval.xml"/>	21	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-oval.xml"/>
22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-ocil.xml"/>	22	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-ocil.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-ocil.xml"/>
23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-cpe-oval.xml"/>	23	······<ds:component-ref·id="scap_org.open-scap_cref_ssg-firefox-cpe-oval.xml"·xlink:href="#scap_org.open-scap_comp_ssg-firefox-cpe-oval.xml"/>
24	····</ds:checks>	24	····</ds:checks>
25	··</ds:data-stream>	25	··</ds:data-stream>
26	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-cpe-dictionary.xml"·timestamp="2024-11-02T06:39:34">	26	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-cpe-dictionary.xml"·timestamp="2024-11-03T08:39:34">
27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">	27	····<cpe-dict:cpe-list·xsi:schemaLocation="http://cpe.mitre.org/dictionary/2.0·http://cpe.mitre.org/files/cpe-dictionary_2.1.xsd">
28	······<cpe-dict:cpe-item·name="cpe:/a:mozilla:firefox">	28	······<cpe-dict:cpe-item·name="cpe:/a:mozilla:firefox">
29	········<cpe-dict:title·xml:lang="en-us">Mozilla·Firefox</cpe-dict:title>	29	········<cpe-dict:title·xml:lang="en-us">Mozilla·Firefox</cpe-dict:title>
30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-firefox-cpe-oval.xml">oval:ssg-installed_app_is_firefox:def:1</cpe-dict:check>	30	········<cpe-dict:check·system="http://oval.mitre.org/XMLSchema/oval-definitions-5"·href="ssg-firefox-cpe-oval.xml">oval:ssg-installed_app_is_firefox:def:1</cpe-dict:check>
31	······</cpe-dict:cpe-item>	31	······</cpe-dict:cpe-item>
32	····</cpe-dict:cpe-list>	32	····</cpe-dict:cpe-list>
33	··</ds:component>	33	··</ds:component>
34	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-xccdf.xml"·timestamp="2024-11-02T06:39:34">	34	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-xccdf.xml"·timestamp="2024-11-03T08:39:34">
35	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_FIREFOX"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">	35	····<xccdf-1.2:Benchmark·id="xccdf_org.ssgproject.content_benchmark_FIREFOX"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">
36	······<xccdf-1.2:status·date="2026-01-08">draft</xccdf-1.2:status>	36	······<xccdf-1.2:status·date="2024-12-07">draft</xccdf-1.2:status>
37	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Firefox</xccdf-1.2:title>	37	······<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Firefox</xccdf-1.2:title>
38	······<xccdf-1.2:description>	38	······<xccdf-1.2:description>
39	········This·guide·presents·a·catalog·of·security-relevant	39	········This·guide·presents·a·catalog·of·security-relevant
40	configuration·settings·for·Firefox.·It·is·a·rendering·of	40	configuration·settings·for·Firefox.·It·is·a·rendering·of
41	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)	41	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)
42	in·order·to·support·security·automation.··The·SCAP·content·is	42	in·order·to·support·security·automation.··The·SCAP·content·is
43	is·available·in·the	43	is·available·in·the
Offset 3479, 15 lines modified		Offset 3479, 15 lines modified
3479	··············<xccdf-1.2:check-content-ref·href="ssg-firefox-ocil.xml"·name="ocil:ssg-firefox_preferences-enable_ca_trust_ocil:questionnaire:1"/>	3479	··············<xccdf-1.2:check-content-ref·href="ssg-firefox-ocil.xml"·name="ocil:ssg-firefox_preferences-enable_ca_trust_ocil:questionnaire:1"/>
3480	············</xccdf-1.2:check>	3480	············</xccdf-1.2:check>
3481	··········</xccdf-1.2:Rule>	3481	··········</xccdf-1.2:Rule>
3482	········</xccdf-1.2:Group>	3482	········</xccdf-1.2:Group>
3483	······</xccdf-1.2:Group>	3483	······</xccdf-1.2:Group>
3484	····</xccdf-1.2:Benchmark>	3484	····</xccdf-1.2:Benchmark>
3485	··</ds:component>	3485	··</ds:component>
3486	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-oval.xml"·timestamp="2024-11-02T06:39:34">	3486	··<ds:component·id="scap_org.open-scap_comp_ssg-firefox-oval.xml"·timestamp="2024-11-03T08:39:34">
3487	····<oval-def:oval_definitions·xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5·oval-common-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5·oval-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#independent·independent-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#unix·unix-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#linux·linux-definitions-schema.xsd">	3487	····<oval-def:oval_definitions·xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5·oval-common-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5·oval-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#independent·independent-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#unix·unix-definitions-schema.xsd··http://oval.mitre.org/XMLSchema/oval-definitions-5#linux·linux-definitions-schema.xsd">
3488	······<oval-def:generator>	3488	······<oval-def:generator>
3489	········<oval:product_name>OVALFileLinker·from·SCAP·Security·Guide</oval:product_name>	3489	········<oval:product_name>OVALFileLinker·from·SCAP·Security·Guide</oval:product_name>
3490	········<oval:product_version>ssg:·[0,·1,·74],·python:·3.12.7</oval:product_version>	3490	········<oval:product_version>ssg:·[0,·1,·74],·python:·3.12.7</oval:product_version>


Offset 1, 10 lines modified		Offset 1, 10 lines modified
1	<?xml·version="1.0"·encoding="utf-8"?>	1	<?xml·version="1.0"·encoding="utf-8"?>
2	<xccdf-1.2:Benchmark·xmlns:dc="http://purl.org/dc/elements/1.1/"·xmlns:html="http://www.w3.org/1999/xhtml"·xmlns:xccdf-1.2="http://checklists.nist.gov/xccdf/1.2"·xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"·id="xccdf_org.ssgproject.content_benchmark_FIREFOX"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">	2	<xccdf-1.2:Benchmark·xmlns:dc="http://purl.org/dc/elements/1.1/"·xmlns:html="http://www.w3.org/1999/xhtml"·xmlns:xccdf-1.2="http://checklists.nist.gov/xccdf/1.2"·xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"·id="xccdf_org.ssgproject.content_benchmark_FIREFOX"·xsi:schemaLocation="http://checklists.nist.gov/xccdf/1.2·xccdf-1.2.xsd"·style="SCAP_1.2"·resolved="true"·xml:lang="en-US">
3	··<xccdf-1.2:status·date="2026-01-08">draft</xccdf-1.2:status>	3	··<xccdf-1.2:status·date="2024-12-07">draft</xccdf-1.2:status>
4	··<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Firefox</xccdf-1.2:title>	4	··<xccdf-1.2:title>Guide·to·the·Secure·Configuration·of·Firefox</xccdf-1.2:title>
5	··<xccdf-1.2:description>	5	··<xccdf-1.2:description>
6	····This·guide·presents·a·catalog·of·security-relevant	6	····This·guide·presents·a·catalog·of·security-relevant
7	configuration·settings·for·Firefox.·It·is·a·rendering·of	7	configuration·settings·for·Firefox.·It·is·a·rendering·of
8	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)	8	content·structured·in·the·eXtensible·Configuration·Checklist·Description·Format·(XCCDF)
9	in·order·to·support·security·automation.··The·SCAP·content·is	9	in·order·to·support·security·automation.··The·SCAP·content·is
10	is·available·in·the	10	is·available·in·the


Offset 3, 496 lines modified		Offset 3, 506 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-kubelet_read_only_port_secured_ocil:questionnaire:1">
11	······<ocil:title>kubelet·-·Ensure·that·the·--read-only-port·is·secured</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-kubelet_read_only_port_secured_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-image_scanning_ocil:questionnaire:1">
17	······<ocil:title>Ensure·Image·Vulnerability·Scanning</ocil:title>
18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-image_scanning_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>
21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-dedicated_service_accounts_ocil:questionnaire:1">
23	······<ocil:title>Use·Dedicated·Service·Accounts</ocil:title>
24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-dedicated_service_accounts_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>
27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-file_permissions_worker_kubeconfig_ocil:questionnaire:1">
29	······<ocil:title>Verify·Permissions·on·the·Worker·Kubeconfig·File</ocil:title>
30	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-file_permissions_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>
33	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_cert_rotation_ocil:questionnaire:1">
35	······<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>	11	······<ocil:title>kubelet·-·Enable·Certificate·Rotation</ocil:title>
36	······<ocil:actions>	12	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_cert_rotation_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	14	······</ocil:actions>
39	····</ocil:questionnaire>	15	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_streaming_connections_deprecated_ocil:questionnaire:1">
41	······<ocil:~~title>kubel~~e~~t·-·D~~o~~·Not·Disab~~le~~·St~~r~~eaming·Tim~~eo~~uts</~~ocil:title>	16	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_worker_kubeconfig_ocil:questionnaire:1">
		17	······<ocil:title>Verify·Group·Who·Owns·The·Worker·Kubeconfig·File</ocil:title>
42	······<ocil:actions>	18	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-kubelet_en~~able_str~~e~~amin~~g_conne~~ction~~s_d~~epr~~ec~~ated~~_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-file_groupowner_worker_kubeconfig_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	20	······</ocil:actions>
45	····</ocil:questionnaire>	21	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-configure_network_policies_namespaces_ocil:questionnaire:1">
47	······<ocil:~~title>E~~nsure·~~that·application·Nam~~e~~spac~~es~~·have·Netw~~or~~k·Pol~~icies·de~~fined.</~~ocil:title>	22	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_streaming_connections_deprecated_ocil:questionnaire:1">
		23	······<ocil:title>kubelet·-·Do·Not·Disable·Streaming·Timeouts</ocil:title>
48	······<ocil:actions>	24	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-~~configur~~e_ne~~twork~~_policies_~~namesp~~aces_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_streaming_connections_deprecated_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	26	······</ocil:actions>
51	····</ocil:questionnaire>	27	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_kubelet_conf_ocil:questionnaire:1">
53	······<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>	29	······<ocil:title>Verify·Group·Who·Owns·The·Kubelet·Configuration·File</ocil:title>
54	······<ocil:actions>	30	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-file_groupowner_kubelet_conf_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	32	······</ocil:actions>
57	····</ocil:questionnaire>	33	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-configure_tls_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-configure_tls_ocil:questionnaire:1">
59	······<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>	35	······<ocil:title>Encrypt·Traffic·to·Load·Balancers·and·Workloads</ocil:title>
60	······<ocil:actions>	36	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-configure_tls_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	38	······</ocil:actions>
63	····</ocil:questionnaire>	39	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-en~~dpo~~int_c~~onfigur~~ation_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_client_cert_rotation_ocil:questionnaire:1">
		41	······<ocil:title>kubelet·-·Enable·Client·Certificate·Rotation</ocil:title>
65	······<ocil:title>Ensure·Private·Endpoint·Access</ocil:title>
66	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-endpoint_configuration_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>
69	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-iam_integration_ocil:questionnaire:1">
71	······<ocil:title>Manage·Users·with·AWS·IAM</ocil:title>
72	······<ocil:actions>	42	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-iam_integration_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_client_cert_rotation_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	44	······</ocil:actions>
75	····</ocil:questionnaire>	45	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-~~approv~~ed_re~~gistrie~~s_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-dedicated_service_accounts_ocil:questionnaire:1">
77	······<ocil:title>~~Only·~~use·~~approv~~ed·c~~onta~~iner·re~~gistrie~~s</ocil:title>	47	······<ocil:title>Use·Dedicated·Service·Accounts</ocil:title>
78	······<ocil:actions>	48	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-~~approv~~ed_re~~gistrie~~s_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-dedicated_service_accounts_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	50	······</ocil:actions>
81	····</ocil:questionnaire>	51	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_~~serv~~er_cert_~~rot~~a~~tion~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_protect_kernel_defaults_ocil:questionnaire:1">
83	······<ocil:title>kubelet·-·Enable·~~Serv~~er·Cert~~ificate~~·~~Rot~~a~~tion~~</ocil:title>	53	······<ocil:title>kubelet·-·Enable·Protect·Kernel·Defaults</ocil:title>
84	······<ocil:actions>	54	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_~~serv~~er_cert_~~rot~~a~~tion~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_protect_kernel_defaults_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	56	······</ocil:actions>
87	····</ocil:questionnaire>	57	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-~~file_ow~~ne~~r_wo~~rker_~~kub~~eco~~nfig~~_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-registry_access_ocil:questionnaire:1">
89	······<ocil:title>~~Ver~~ify·User·~~Who·Own~~s~~·Th~~e·Wo~~rker~~·K~~ubec~~on~~fig~~·F~~ile~~</ocil:title>	59	······<ocil:title>Minimize·user·access·to·Amazon·ECR</ocil:title>
90	······<ocil:actions>	60	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-~~file_ow~~ne~~r_wo~~rker_~~kub~~eco~~nfig~~_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-registry_access_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	62	······</ocil:actions>
93	····</ocil:questionnaire>	63	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-read_only_registry_access_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-read_only_registry_access_ocil:questionnaire:1">
95	······<ocil:title>Ensure·Cluster·Service·Account·with·read-only·access·to·Amazon·ECR</ocil:title>	65	······<ocil:title>Ensure·Cluster·Service·Account·with·read-only·access·to·Amazon·ECR</ocil:title>
96	······<ocil:actions>	66	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-read_only_registry_access_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-read_only_registry_access_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	68	······</ocil:actions>
99	····</ocil:questionnaire>	69	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-configure_network_policy_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-configure_network_policy_ocil:questionnaire:1">
101	······<ocil:title>Ensure·Network·Policy·is·Enabled</ocil:title>	71	······<ocil:title>Ensure·Network·Policy·is·Enabled</ocil:title>
102	······<ocil:actions>	72	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-configure_network_policy_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-configure_network_policy_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	74	······</ocil:actions>
105	····</ocil:questionnaire>	75	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-~~fil~~e_~~group~~owne~~r_wo~~rker_~~kub~~ec~~onfig~~_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-kubelet_configure_client_ca_ocil:questionnaire:1">
107	······<ocil:title>Ve~~rify·Group·Who·Owns~~·The·~~Worker~~·~~Kub~~e~~con~~fig·~~Fil~~e</ocil:title>	77	······<ocil:title>kubelet·-·Configure·the·Client·CA·Certificate</ocil:title>
108	······<ocil:actions>	78	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-~~fil~~e_~~group~~owne~~r_wo~~rker_~~kub~~ec~~onfig~~_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-kubelet_configure_client_ca_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	80	······</ocil:actions>
111	····</ocil:questionnaire>	81	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-kubelet_ena~~ble_strea~~m~~ing~~_~~conn~~ect~~ion~~s_ocil:questionnaire:1">	82	····<ocil:questionnaire·id="ocil:ssg-kubelet_anonymous_auth_ocil:questionnaire:1">
113	······<ocil:title>~~kube~~let·-·Do~~·Not·Disabl~~e·Streaming·~~Timeo~~uts</ocil:title>	83	······<ocil:title>Disable·Anonymous·Authentication·to·the·Kubelet</ocil:title>
114	······<ocil:actions>	84	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-kubelet_ena~~ble_strea~~m~~ing~~_~~conn~~ect~~ion~~s_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-kubelet_anonymous_auth_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	86	······</ocil:actions>
117	····</ocil:questionnaire>	87	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_prot~~ect_kerne~~l_defaults_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-kubelet_enable_iptables_util_chains_ocil:questionnaire:1">
119	······<ocil:title>kubelet·-·~~Enable·Pr~~otec~~t·K~~e~~rne~~l·Defaults</ocil:title>	89	······<ocil:title>kubelet·-·Allow·Automatic·Firewall·Configuration</ocil:title>
120	······<ocil:actions>	90	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_prot~~ect_kerne~~l_defaults_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-kubelet_enable_iptables_util_chains_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	92	······</ocil:actions>
123	····</ocil:questionnaire>	93	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-fil~~e_p~~e~~rmi~~ssion~~s_kubelet_~~conf_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-image_scanning_ocil:questionnaire:1">
125	······<ocil:title>~~Verify~~·Perm~~issions~~·o~~n·Th~~e·Kubelet~~·Configur~~a~~tio~~n·File</ocil:title>	95	······<ocil:title>Ensure·Image·Vulnerability·Scanning</ocil:title>
126	······<ocil:actions>	96	······<ocil:actions>
Max diff block lines reached; 77642/87766 bytes (88.46%) of diff not shown.


Offset 3, 295 lines modified		Offset 3, 295 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disa~~ble~~_studies_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-search_suggestion_ocil:questionnaire:1">
		11	······<ocil:title>Firefox·search·suggestions·must·be·disabled.</ocil:title>
11	······<ocil:title>Disable·Firefox·Studies</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_studies_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">
17	······<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>
18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>
21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-javascript_window_resizing_ocil:questionnaire:1">
23	······<ocil:title>Disable·JavaScript's·Moving·Or·Resizing·Windows·Capability</ocil:title>
24	······<ocil:actions>	12	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-firefox_policy-javascript_~~window_r~~esizing_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-firefox_policy-search_suggestion_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	14	······</ocil:actions>
27	····</ocil:questionnaire>	15	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-enable_ca_trust_ocil:questionnaire:1">
29	······<ocil:title~~>Enab~~l~~e·Sh~~ared~~·System·C~~erti~~fica~~tes</ocil:title>	16	····<ocil:questionnaire·id="ocil:ssg-installed_firefox_version_supported_ocil:questionnaire:1">
		17	······<ocil:title>Supported·Version·of·Firefox·Installed</ocil:title>
30	······<ocil:actions>	18	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-fi~~refox_pre~~fere~~nces-~~e~~nable~~_~~ca_t~~r~~ust~~_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-installed_firefox_version_supported_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	20	······</ocil:actions>
33	····</ocil:questionnaire>	21	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~dis~~able_pocket_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-enhanced_tracking_ocil:questionnaire:1">
35	······<ocil:title>Disable·Firefox·Pocket</ocil:title>	23	······<ocil:title>Enabled·Firefox·Enhanced·Tracking·Protection</ocil:title>
36	······<ocil:actions>	24	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~dis~~able_pocket_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-firefox_policy-enhanced_tracking_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	26	······</ocil:actions>
39	····</ocil:questionnaire>	27	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-firefox_p~~referen~~c~~es-aut~~o-down~~load~~_actions_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-forget_button_ocil:questionnaire:1">
41	······<ocil:title>Di~~sable~~·aut~~o-dow~~n~~load~~·for·prosc~~ribe~~d~~·MIME·types~~.</ocil:title>	29	······<ocil:title>Firefox·must·prevent·the·user·from·quickly·deleting·data.</ocil:title>
42	······<ocil:actions>	30	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-firefox_p~~referen~~c~~es-aut~~o-down~~load~~_actions_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-firefox_policy-forget_button_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	32	······</ocil:actions>
45	····</ocil:questionnaire>	33	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~cryptom~~in~~ing~~_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-pop-up_windows_ocil:questionnaire:1">
47	······<ocil:title>Enabled·Firefox·~~Cryp~~tomi~~ning~~·protect~~ion~~</ocil:title>	35	······<ocil:title>Enable·Firefox·Pop-up·Blocker</ocil:title>
48	······<ocil:actions>	36	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~cryptom~~in~~ing~~_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-firefox_policy-pop-up_windows_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	38	······</ocil:actions>
51	····</ocil:questionnaire>	39	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-for~~get_bu~~tton_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-network_prediction_ocil:questionnaire:1">
53	······<ocil:title>Fi~~refox~~·~~must~~·prev~~ent~~·the~~·user~~·fr~~om·~~quic~~kly·dele~~ti~~ng·dat~~a.</ocil:title>	41	······<ocil:title>Disable·Firefox·network·prediction</ocil:title>
54	······<ocil:actions>	42	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-firefox_policy-for~~get_bu~~tton_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-firefox_policy-network_prediction_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	44	······</ocil:actions>
57	····</ocil:questionnaire>	45	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~ext~~ens~~ion_u~~p~~dat~~e_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_pocket_ocil:questionnaire:1">
59	······<ocil:title>Fi~~refox·mu~~s~~t·b~~e·~~con~~figure~~d·to·~~not·auto~~mati~~c~~ally·upda~~te~~·ins~~t~~alled·add-ons·and·plugins.~~</ocil:title>	47	······<ocil:title>Disable·Firefox·Pocket</ocil:title>
60	······<ocil:actions>	48	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~ext~~ens~~ion_u~~p~~dat~~e_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_pocket_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	50	······</ocil:actions>
63	····</ocil:questionnaire>	51	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-autoplay_video_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-autoplay_video_ocil:questionnaire:1">
65	······<ocil:title>Firefox·autoplay·must·be·disabled.</ocil:title>	53	······<ocil:title>Firefox·autoplay·must·be·disabled.</ocil:title>
66	······<ocil:actions>	54	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-firefox_policy-autoplay_video_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-firefox_policy-autoplay_video_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	56	······</ocil:actions>
69	····</ocil:questionnaire>	57	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-development_tools_ocil:questionnaire:1">
71	······<ocil:title>Disable·Firefox·Development·Tools</ocil:title>	59	······<ocil:title>Disable·Firefox·Development·Tools</ocil:title>
72	······<ocil:actions>	60	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-firefox_policy-development_tools_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	62	······</ocil:actions>
75	····</ocil:questionnaire>	63	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-~~cont~~ent~~_block~~er_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_deprecated_ciphers_ocil:questionnaire:1">
77	······<ocil:title>Ens~~ure·th~~e·C~~ont~~e~~nt·B~~lo~~cke~~r·~~uBlock·O~~ri~~gin·is~~·In~~stalled~~</ocil:title>	65	······<ocil:title>Disable·Firefox·deprecated·ciphers</ocil:title>
78	······<ocil:actions>	66	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-firefox_policy-~~cont~~ent~~_block~~er_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_deprecated_ciphers_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	68	······</ocil:actions>
81	····</ocil:questionnaire>	69	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-dod_root_certificate_installed_ocil:questionnaire:1">
83	······<ocil:ti~~tle>Th~~e·Do~~D·Root·C~~ertificate~~·Exists</~~ocil:title>	70	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-content_blocker_ocil:questionnaire:1">
		71	······<ocil:title>Ensure·the·Content·Blocker·uBlock·Origin·is·Installed</ocil:title>
84	······<ocil:actions>	72	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-firefox_p~~referen~~ces-~~dod_~~root_ce~~rtific~~ate_in~~stall~~ed_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-firefox_policy-content_blocker_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	74	······</ocil:actions>
87	····</ocil:questionnaire>	75	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-verification_ocil:questionnaire:1">
89	······<ocil:title>Enable·Certificate·Verification</ocil:title>	77	······<ocil:title>Enable·Certificate·Verification</ocil:title>
90	······<ocil:actions>	78	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-firefox_policy-verification_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	80	······</ocil:actions>
93	····</ocil:questionnaire>	81	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_depr~~ecated~~_~~ciph~~ers_ocil:questionnaire:1">	82	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-fingerprinting_protection_ocil:questionnaire:1">
95	······<ocil:title>Disable·Firefox·depr~~ecated~~·~~ciph~~ers</ocil:title>	83	······<ocil:title>Enabled·Firefox·Fingerprinting·Protection</ocil:title>
96	······<ocil:actions>	84	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_depr~~ecated~~_~~ciph~~ers_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-firefox_policy-fingerprinting_protection_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	86	······</ocil:actions>
99	····</ocil:questionnaire>	87	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-e~~nha~~nc~~ed_tracking~~_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_update_ocil:questionnaire:1">
101	······<ocil:title>~~Ena~~b~~led·F~~irefox·~~Enh~~anced·Tracking·Pro~~tect~~ion</ocil:title>	89	······<ocil:title>Firefox·must·be·configured·to·not·automatically·update·installed·add-ons·and·plugins.</ocil:title>
102	······<ocil:actions>	90	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-firefox_policy-e~~nha~~nc~~ed_tracking~~_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_update_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	92	······</ocil:actions>
105	····</ocil:questionnaire>	93	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-f~~ing~~e~~rpri~~n~~ting_protec~~tion_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-extension_recommendation_ocil:questionnaire:1">
107	······<ocil:title>Enabled·Firefox·F~~ing~~e~~rpri~~n~~ting·Protec~~tion</ocil:title>	95	······<ocil:title>Disabled·Firefox·Extension·Recommendations</ocil:title>
108	······<ocil:actions>	96	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-firefox_policy-f~~ing~~e~~rpri~~n~~ting_protec~~tion_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-firefox_policy-extension_recommendation_action:testaction:1</ocil:test_action_ref>
		98	······</ocil:actions>
		99	····</ocil:questionnaire>
		100	····<ocil:questionnaire·id="ocil:ssg-firefox_preferences-enable_ca_trust_ocil:questionnaire:1">
		101	······<ocil:title>Enable·Shared·System·Certificates</ocil:title>
		102	······<ocil:actions>
		103	········<ocil:test_action_ref>ocil:ssg-firefox_preferences-enable_ca_trust_action:testaction:1</ocil:test_action_ref>
		104	······</ocil:actions>
		105	····</ocil:questionnaire>
		106	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-disable_studies_ocil:questionnaire:1">
		107	······<ocil:title>Disable·Firefox·Studies</ocil:title>
		108	······<ocil:actions>
		109	········<ocil:test_action_ref>ocil:ssg-firefox_policy-disable_studies_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	110	······</ocil:actions>
111	····</ocil:questionnaire>	111	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-telemetry_ocil:questionnaire:1">	112	····<ocil:questionnaire·id="ocil:ssg-firefox_policy-telemetry_ocil:questionnaire:1">
113	······<ocil:title>Disable·Firefox·Telemetry</ocil:title>	113	······<ocil:title>Disable·Firefox·Telemetry</ocil:title>
114	······<ocil:actions>	114	······<ocil:actions>
Max diff block lines reached; 38851/49767 bytes (78.07%) of diff not shown.


Offset 14287, 15 lines modified		Offset 14287, 15 lines modified
00037ce0:·3c2f·6832·3e3c·703e·4375·7272·656e·7420··</h2><p>Current·		00037ce0:·3c2f·6832·3e3c·703e·4375·7272·656e·7420··</h2><p>Current·
00037cf0:·7665·7273·696f·6e3a·203c·7374·726f·6e67··version:·<strong		00037cf0:·7665·7273·696f·6e3a·203c·7374·726f·6e67··version:·<strong
00037d00:·3e30·2e31·2e37·343c·2f73·7472·6f6e·673e··>0.1.74</strong>		00037d00:·3e30·2e31·2e37·343c·2f73·7472·6f6e·673e··>0.1.74</strong>
00037d10:·3c2f·703e·3c75·6c3e·3c6c·693e·3c73·7472··</p><ul><li><str		00037d10:·3c2f·703e·3c75·6c3e·3c6c·693e·3c73·7472··</p><ul><li><str
00037d20:·6f6e·673e·6472·6166·743c·2f73·7472·6f6e··ong>draft</stron		00037d20:·6f6e·673e·6472·6166·743c·2f73·7472·6f6e··ong>draft</stron
00037d30:·673e·0a20·2020·2020·2020·2020·2020·2020··g>.·············		00037d30:·673e·0a20·2020·2020·2020·2020·2020·2020··g>.·············
00037d40:·2020·2020·2020·2028·6173·206f·6620·3230·········(as·of·20		00037d40:·2020·2020·2020·2028·6173·206f·6620·3230·········(as·of·20
00037d50:·3236·2d30·312d·3038·290a·2020·2020·2020··26-01-08).······		00037d50:·3234·2d31·322d·3037·290a·2020·2020·2020··24-12-07).······
00037d60:·2020·2020·2020·2020·2020·3c2f·6c69·3e3c············</li><		00037d60:·2020·2020·2020·2020·2020·3c2f·6c69·3e3c············</li><
00037d70:·2f75·6c3e·3c2f·6469·763e·3c68·323e·5461··/ul></div><h2>Ta		00037d70:·2f75·6c3e·3c2f·6469·763e·3c68·323e·5461··/ul></div><h2>Ta
00037d80:·626c·6520·6f66·2043·6f6e·7465·6e74·733c··ble·of·Contents<		00037d80:·626c·6520·6f66·2043·6f6e·7465·6e74·733c··ble·of·Contents<
00037d90:·2f68·323e·3c6f·6c3e·3c6c·693e·3c61·2068··/h2><ol><li><a·h		00037d90:·2f68·323e·3c6f·6c3e·3c6c·693e·3c61·2068··/h2><ol><li><a·h
00037da0:·7265·663d·2223·7863·6364·665f·6f72·672e··ref="#xccdf_org.		00037da0:·7265·663d·2223·7863·6364·665f·6f72·672e··ref="#xccdf_org.
00037db0:·7373·6770·726f·6a65·6374·2e63·6f6e·7465··ssgproject.conte		00037db0:·7373·6770·726f·6a65·6374·2e63·6f6e·7465··ssgproject.conte
00037dc0:·6e74·5f67·726f·7570·5f73·7973·7465·6d22··nt_group_system"		00037dc0:·6e74·5f67·726f·7570·5f73·7973·7465·6d22··nt_group_system"
Offset 16004, 147 lines modified		Offset 16004, 147 lines modified
0003e830:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe		0003e830:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
0003e840:·743d·2223·6964·6d31·3735·3422·2074·6162··t="#idm1754"·tab		0003e840:·743d·2223·6964·6d31·3735·3422·2074·6162··t="#idm1754"·tab
0003e850:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="		0003e850:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="
0003e860:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp		0003e860:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp
0003e870:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti		0003e870:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti
0003e880:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to		0003e880:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to
0003e890:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#		0003e890:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#
0003e8a0:·2122·3e52·656d·6564·6961·7469·6f6e·2053··!">Remediation·S
0003e8b0:·6865·6c6c·2073·6372·6970·7420·e287·b23c··hell·script·...<
0003e8c0:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
0003e8d0:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
0003e8e0:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
0003e8f0:·6964·6d31·3735·3422·3e3c·7461·626c·6520··idm1754"><table·
0003e900:·636c·6173·733d·2274·6162·6c65·2074·6162··class="table·tab
0003e910:·6c65·2d73·7472·6970·6564·2074·6162·6c65··le-striped·table
0003e920:·2d62·6f72·6465·7265·6420·7461·626c·652d··-bordered·table-
0003e930:·636f·6e64·656e·7365·6422·3e3c·7472·3e3c··condensed"><tr><
0003e940:·7468·3e43·6f6d·706c·6578·6974·793a·3c2f··th>Complexity:</
0003e950:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003e960:·2f74·723e·3c74·723e·3c74·683e·4469·7372··/tr><tr><th>Disr
0003e970:·7570·7469·6f6e·3a3c·2f74·683e·3c74·643e··uption:</th><td>
0003e980:·6c6f·773c·2f74·643e·3c2f·7472·3e3c·7472··low</td></tr><tr
0003e990:·3e3c·7468·3e52·6562·6f6f·743a·3c2f·7468··><th>Reboot:</th
0003e9a0:·3e3c·7464·3e66·616c·7365·3c2f·7464·3e3c··><td>false</td><
0003e9b0:·2f74·723e·3c74·723e·3c74·683e·5374·7261··/tr><tr><th>Stra
0003e9c0:·7465·6779·3a3c·2f74·683e·3c74·643e·7265··tegy:</th><td>re
0003e9d0:·7374·7269·6374·3c2f·7464·3e3c·2f74·723e··strict</td></tr>
0003e9e0:·3c2f·7461·626c·653e·3c70·7265·3e3c·636f··</table><pre><co
0003e9f0:·6465·3e0a·666f·7220·6620·696e·202f·6574··de>.for·f·in·/et
0003ea00:·632f·7375·646f·6572·7320·2f65·7463·2f73··c/sudoers·/etc/s
0003ea10:·7564·6f65·7273·2e64·2f2a·203b·2064·6f0a··udoers.d/*·;·do.
0003ea20:·2020·6966·205b·2021·202d·6520·2224·6622····if·[·!·-e·"$f"
0003ea30:·205d·203b·2074·6865·6e0a·2020·2020·636f···]·;·then.····co
0003ea40:·6e74·696e·7565·0a20·2066·690a·2020·6d61··ntinue.··fi.··ma
0003ea50:·7463·6869·6e67·5f6c·6973·743d·2428·6772··tching_list=$(gr
0003ea60:·6570·202d·5020·275e·283f·2123·292e·2a5b··ep·-P·'^(?!#).*[
0003ea70:·5c73·5d2b·5c21·6175·7468·656e·7469·6361··\s]+\!authentica
0003ea80:·7465·2e2a·2427·2024·6620·7c20·756e·6971··te.*$'·$f·\|·uniq
0003ea90:·2029·0a20·2069·6620·2120·7465·7374·202d···).··if·!·test·-
0003eaa0:·7a20·2224·6d61·7463·6869·6e67·5f6c·6973··z·"$matching_lis
0003eab0:·7422·3b20·7468·656e·0a20·2020·2077·6869··t";·then.····whi
0003eac0:·6c65·2049·4653·3d20·7265·6164·202d·7220··le·IFS=·read·-r·
0003ead0:·656e·7472·793b·2064·6f0a·2020·2020·2020··entry;·do.······
0003eae0:·2320·636f·6d6d·656e·7420·6f75·7420·2221··#·comment·out·"!
0003eaf0:·6175·7468·656e·7469·6361·7465·2220·6d61··authenticate"·ma
0003eb00:·7463·6865·7320·746f·2070·7265·7365·7276··tches·to·preserv
0003eb10:·6520·7573·6572·2064·6174·610a·2020·2020··e·user·data.····
0003eb20:·2020·7365·6420·2d69·2022·732f·5e24·7b65····sed·-i·"s/^${e
0003eb30:·6e74·7279·7d24·2f23·2026·616d·703b·2f67··ntry}$/#·&/g
0003eb40:·2220·2466·0a20·2020·2064·6f6e·6520·266c··"·$f.····done·&l
0003eb50:·743b·266c·743b·266c·743b·2022·246d·6174··t;<<·"$mat
0003eb60:·6368·696e·675f·6c69·7374·220a·0a20·2020··ching_list"..···
0003eb70:·202f·7573·722f·7362·696e·2f76·6973·7564···/usr/sbin/visud
0003eb80:·6f20·2d63·6620·2466·2026·616d·703b·2667··o·-cf·$f·&&g
0003eb90:·743b·202f·6465·762f·6e75·6c6c·207c·7c20··t;·/dev/null·\|\|·
0003eba0:·6563·686f·2022·4661·696c·2074·6f20·7661··echo·"Fail·to·va
0003ebb0:·6c69·6461·7465·2024·6620·7769·7468·2076··lidate·$f·with·v
0003ebc0:·6973·7564·6f22·0a20·2066·690a·646f·6e65··isudo".··fi.done
0003ebd0:·0a3c·2f63·6f64·653e·3c2f·7072·653e·3c2f··.</code></pre></
0003ebe0:·6469·763e·3c61·2063·6c61·7373·3d22·6274··div><a·class="bt
0003ebf0:·6e20·6274·6e2d·7375·6363·6573·7322·2064··n·btn-success"·d
0003ec00:·6174·612d·746f·6767·6c65·3d22·636f·6c6c··ata-toggle="coll
0003ec10:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
0003ec20:·743d·2223·6964·6d31·3735·3522·2074·6162··t="#idm1755"·tab
0003ec30:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="
0003ec40:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp
0003ec50:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti
0003ec60:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to
0003ec70:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#
0003ec80:·2122·3e52·656d·6564·6961·7469·6f6e·2041··!">Remediation·A		0003e8a0:·2122·3e52·656d·6564·6961·7469·6f6e·2041··!">Remediation·A
0003ec90:·6e73·6962·6c65·2073·6e69·7070·6574·20e2··nsible·snippet·.		0003e8b0:·6e73·6962·6c65·2073·6e69·7070·6574·20e2··nsible·snippet·.
0003eca0:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c		0003e8c0:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c
0003ecb0:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll		0003e8d0:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll
0003ecc0:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i		0003e8e0:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i
0003ecd0:·643d·2269·646d·3137·3535·223e·3c74·6162··d="idm1755"><tab		0003e8f0:·643d·2269·646d·3137·3534·223e·3c74·6162··d="idm1754"><tab
0003ece0:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·		0003e900:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·
0003ecf0:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta		0003e910:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta
0003ed00:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab		0003e920:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab
0003ed10:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t		0003e930:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t
0003ed20:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity		0003e940:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity
0003ed30:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t		0003e950:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t
0003ed40:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D		0003e960:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D
0003ed50:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><		0003e970:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><
0003ed60:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>		0003e980:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>
0003ed70:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<		0003e990:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<
0003ed80:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t		0003e9a0:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t
0003ed90:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S		0003e9b0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S
0003eda0:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td		0003e9c0:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td
0003edb0:·3e72·6573·7472·6963·743c·2f74·643e·3c2f··>restrict</td></		0003e9d0:·3e72·6573·7472·6963·743c·2f74·643e·3c2f··>restrict</td></
0003edc0:·7472·3e3c·2f74·6162·6c65·3e3c·7072·653e··tr></table><pre>		0003e9e0:·7472·3e3c·2f74·6162·6c65·3e3c·7072·653e··tr></table><pre>
0003edd0:·3c63·6f64·653e·2d20·6e61·6d65·3a20·4669··<code>-·name:·Fi		0003e9f0:·3c63·6f64·653e·2d20·6e61·6d65·3a20·4669··<code>-·name:·Fi
0003ede0:·6e64·202f·6574·632f·7375·646f·6572·732e··nd·/etc/sudoers.		0003ea00:·6e64·202f·6574·632f·7375·646f·6572·732e··nd·/etc/sudoers.
0003edf0:·642f·2066·696c·6573·0a20·2061·6e73·6962··d/·files.··ansib		0003ea10:·642f·2066·696c·6573·0a20·2061·6e73·6962··d/·files.··ansib
0003ee00:·6c65·2e62·7569·6c74·696e·2e66·696e·643a··le.builtin.find:		0003ea20:·6c65·2e62·7569·6c74·696e·2e66·696e·643a··le.builtin.find:
0003ee10:·0a20·2020·2070·6174·6873·3a0a·2020·2020··.····paths:.····		0003ea30:·0a20·2020·2070·6174·6873·3a0a·2020·2020··.····paths:.····
0003ee20:·2d20·2f65·7463·2f73·7564·6f65·7273·2e64··-·/etc/sudoers.d		0003ea40:·2d20·2f65·7463·2f73·7564·6f65·7273·2e64··-·/etc/sudoers.d
0003ee30:·2f0a·2020·7265·6769·7374·6572·3a20·7375··/.··register:·su		0003ea50:·2f0a·2020·7265·6769·7374·6572·3a20·7375··/.··register:·su
0003ee40:·646f·6572·730a·2020·7461·6773·3a0a·2020··doers.··tags:.··		0003ea60:·646f·6572·730a·2020·7461·6773·3a0a·2020··doers.··tags:.··
0003ee50:·2d20·4e49·5354·2d38·3030·2d35·332d·434d··-·NIST-800-53-CM		0003ea70:·2d20·4e49·5354·2d38·3030·2d35·332d·434d··-·NIST-800-53-CM
0003ee60:·2d36·2861·290a·2020·2d20·4e49·5354·2d38··-6(a).··-·NIST-8		0003ea80:·2d36·2861·290a·2020·2d20·4e49·5354·2d38··-6(a).··-·NIST-8
0003ee70:·3030·2d35·332d·4941·2d31·310a·2020·2d20··00-53-IA-11.··-·		0003ea90:·3030·2d35·332d·4941·2d31·310a·2020·2d20··00-53-IA-11.··-·
0003ee80:·6c6f·775f·636f·6d70·6c65·7869·7479·0a20··low_complexity.·		0003eaa0:·6c6f·775f·636f·6d70·6c65·7869·7479·0a20··low_complexity.·
0003ee90:·202d·206c·6f77·5f64·6973·7275·7074·696f···-·low_disruptio		0003eab0:·202d·206c·6f77·5f64·6973·7275·7074·696f···-·low_disruptio
0003eea0:·6e0a·2020·2d20·6d65·6469·756d·5f73·6576··n.··-·medium_sev		0003eac0:·6e0a·2020·2d20·6d65·6469·756d·5f73·6576··n.··-·medium_sev
0003eeb0:·6572·6974·790a·2020·2d20·6e6f·5f72·6562··erity.··-·no_reb		0003ead0:·6572·6974·790a·2020·2d20·6e6f·5f72·6562··erity.··-·no_reb
0003eec0:·6f6f·745f·6e65·6564·6564·0a20·202d·2072··oot_needed.··-·r		0003eae0:·6f6f·745f·6e65·6564·6564·0a20·202d·2072··oot_needed.··-·r
0003eed0:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy		0003eaf0:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy
0003eee0:·0a20·202d·2073·7564·6f5f·7265·6d6f·7665··.··-·sudo_remove		0003eb00:·0a20·202d·2073·7564·6f5f·7265·6d6f·7665··.··-·sudo_remove
0003eef0:·5f6e·6f5f·6175·7468·656e·7469·6361·7465··_no_authenticate		0003eb10:·5f6e·6f5f·6175·7468·656e·7469·6361·7465··_no_authenticate
0003ef00:·0a0a·2d20·6e61·6d65·3a20·5265·6d6f·7665··..-·name:·Remove		0003eb20:·0a0a·2d20·6e61·6d65·3a20·5265·6d6f·7665··..-·name:·Remove
0003ef10:·206c·696e·6573·2063·6f6e·7461·696e·696e···lines·containin		0003eb30:·206c·696e·6573·2063·6f6e·7461·696e·696e···lines·containin
Max diff block lines reached; 877578/897642 bytes (97.76%) of diff not shown.


Offset 14288, 15 lines modified		Offset 14288, 15 lines modified
00037cf0:·6973·746f·7279·3c2f·6832·3e3c·703e·4375··istory</h2><p>Cu		00037cf0:·6973·746f·7279·3c2f·6832·3e3c·703e·4375··istory</h2><p>Cu
00037d00:·7272·656e·7420·7665·7273·696f·6e3a·203c··rrent·version:·<		00037d00:·7272·656e·7420·7665·7273·696f·6e3a·203c··rrent·version:·<
00037d10:·7374·726f·6e67·3e30·2e31·2e37·343c·2f73··strong>0.1.74</s		00037d10:·7374·726f·6e67·3e30·2e31·2e37·343c·2f73··strong>0.1.74</s
00037d20:·7472·6f6e·673e·3c2f·703e·3c75·6c3e·3c6c··trong></p><ul><l		00037d20:·7472·6f6e·673e·3c2f·703e·3c75·6c3e·3c6c··trong></p><ul><l
00037d30:·693e·3c73·7472·6f6e·673e·6472·6166·743c··i><strong>draft<		00037d30:·693e·3c73·7472·6f6e·673e·6472·6166·743c··i><strong>draft<
00037d40:·2f73·7472·6f6e·673e·0a20·2020·2020·2020··/strong>.·······		00037d40:·2f73·7472·6f6e·673e·0a20·2020·2020·2020··/strong>.·······
00037d50:·2020·2020·2020·2020·2020·2020·2028·6173···············(as		00037d50:·2020·2020·2020·2020·2020·2020·2028·6173···············(as
00037d60:·206f·6620·3230·3236·2d30·312d·3038·290a···of·2026-01-08).		00037d60:·206f·6620·3230·3234·2d31·322d·3037·290a···of·2024-12-07).
00037d70:·2020·2020·2020·2020·2020·2020·2020·2020··················		00037d70:·2020·2020·2020·2020·2020·2020·2020·2020··················
00037d80:·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469·763e··</li></ul></div>		00037d80:·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469·763e··</li></ul></div>
00037d90:·3c68·323e·5461·626c·6520·6f66·2043·6f6e··<h2>Table·of·Con		00037d90:·3c68·323e·5461·626c·6520·6f66·2043·6f6e··<h2>Table·of·Con
00037da0:·7465·6e74·733c·2f68·323e·3c6f·6c3e·3c6c··tents</h2><ol><l		00037da0:·7465·6e74·733c·2f68·323e·3c6f·6c3e·3c6c··tents</h2><ol><l
00037db0:·693e·3c61·2068·7265·663d·2223·7863·6364··i><a·href="#xccd		00037db0:·693e·3c61·2068·7265·663d·2223·7863·6364··i><a·href="#xccd
00037dc0:·665f·6f72·672e·7373·6770·726f·6a65·6374··f_org.ssgproject		00037dc0:·665f·6f72·672e·7373·6770·726f·6a65·6374··f_org.ssgproject
00037dd0:·2e63·6f6e·7465·6e74·5f67·726f·7570·5f73··.content_group_s		00037dd0:·2e63·6f6e·7465·6e74·5f67·726f·7570·5f73··.content_group_s
Offset 16025, 146 lines modified		Offset 16025, 146 lines modified
0003e980:·6172·6765·743d·2223·6964·6d31·3735·3422··arget="#idm1754"		0003e980:·6172·6765·743d·2223·6964·6d31·3735·3422··arget="#idm1754"
0003e990:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro		0003e990:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro
0003e9a0:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria		0003e9a0:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria
0003e9b0:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false		0003e9b0:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false
0003e9c0:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat		0003e9c0:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat
0003e9d0:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre		0003e9d0:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre
0003e9e0:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati		0003e9e0:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati
0003e9f0:·6f6e·2053·6865·6c6c·2073·6372·6970·7420··on·Shell·script·
0003ea00:·e287·b23c·2f61·3e3c·6272·3e3c·6469·7620··...</a><br><div·
0003ea10:·636c·6173·733d·2270·616e·656c·2d63·6f6c··class="panel-col
0003ea20:·6c61·7073·6520·636f·6c6c·6170·7365·2220··lapse·collapse"·
0003ea30:·6964·3d22·6964·6d31·3735·3422·3e3c·7461··id="idm1754"><ta
0003ea40:·626c·6520·636c·6173·733d·2274·6162·6c65··ble·class="table
0003ea50:·2074·6162·6c65·2d73·7472·6970·6564·2074···table-striped·t
0003ea60:·6162·6c65·2d62·6f72·6465·7265·6420·7461··able-bordered·ta
0003ea70:·626c·652d·636f·6e64·656e·7365·6422·3e3c··ble-condensed"><
0003ea80:·7472·3e3c·7468·3e43·6f6d·706c·6578·6974··tr><th>Complexit
0003ea90:·793a·3c2f·7468·3e3c·7464·3e6c·6f77·3c2f··y:</th><td>low</
0003eaa0:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
0003eab0:·4469·7372·7570·7469·6f6e·3a3c·2f74·683e··Disruption:</th>
0003eac0:·3c74·643e·6c6f·773c·2f74·643e·3c2f·7472··<td>low</td></tr
0003ead0:·3e3c·7472·3e3c·7468·3e52·6562·6f6f·743a··><tr><th>Reboot:
0003eae0:·3c2f·7468·3e3c·7464·3e66·616c·7365·3c2f··</th><td>false</
0003eaf0:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
0003eb00:·5374·7261·7465·6779·3a3c·2f74·683e·3c74··Strategy:</th><t
0003eb10:·643e·7265·7374·7269·6374·3c2f·7464·3e3c··d>restrict</td><
0003eb20:·2f74·723e·3c2f·7461·626c·653e·3c70·7265··/tr></table><pre
0003eb30:·3e3c·636f·6465·3e0a·666f·7220·6620·696e··><code>.for·f·in
0003eb40:·202f·6574·632f·7375·646f·6572·7320·2f65···/etc/sudoers·/e
0003eb50:·7463·2f73·7564·6f65·7273·2e64·2f2a·203b··tc/sudoers.d/*·;
0003eb60:·2064·6f0a·2020·6966·205b·2021·202d·6520···do.··if·[·!·-e·
0003eb70:·2224·6622·205d·203b·2074·6865·6e0a·2020··"$f"·]·;·then.··
0003eb80:·2020·636f·6e74·696e·7565·0a20·2066·690a····continue.··fi.
0003eb90:·2020·6d61·7463·6869·6e67·5f6c·6973·743d····matching_list=
0003eba0:·2428·6772·6570·202d·5020·275e·283f·2123··$(grep·-P·'^(?!#
0003ebb0:·292e·2a5b·5c73·5d2b·5c21·6175·7468·656e··).*[\s]+\!authen
0003ebc0:·7469·6361·7465·2e2a·2427·2024·6620·7c20··ticate.*$'·$f·\|·
0003ebd0:·756e·6971·2029·0a20·2069·6620·2120·7465··uniq·).··if·!·te
0003ebe0:·7374·202d·7a20·2224·6d61·7463·6869·6e67··st·-z·"$matching
0003ebf0:·5f6c·6973·7422·3b20·7468·656e·0a20·2020··_list";·then.···
0003ec00:·2077·6869·6c65·2049·4653·3d20·7265·6164···while·IFS=·read
0003ec10:·202d·7220·656e·7472·793b·2064·6f0a·2020···-r·entry;·do.··
0003ec20:·2020·2020·2320·636f·6d6d·656e·7420·6f75······#·comment·ou
0003ec30:·7420·2221·6175·7468·656e·7469·6361·7465··t·"!authenticate
0003ec40:·2220·6d61·7463·6865·7320·746f·2070·7265··"·matches·to·pre
0003ec50:·7365·7276·6520·7573·6572·2064·6174·610a··serve·user·data.
0003ec60:·2020·2020·2020·7365·6420·2d69·2022·732f········sed·-i·"s/
0003ec70:·5e24·7b65·6e74·7279·7d24·2f23·2026·616d··^${entry}$/#·&am
0003ec80:·703b·2f67·2220·2466·0a20·2020·2064·6f6e··p;/g"·$f.····don
0003ec90:·6520·266c·743b·266c·743b·266c·743b·2022··e·<<<·"
0003eca0:·246d·6174·6368·696e·675f·6c69·7374·220a··$matching_list".
0003ecb0:·0a20·2020·202f·7573·722f·7362·696e·2f76··.····/usr/sbin/v
0003ecc0:·6973·7564·6f20·2d63·6620·2466·2026·616d··isudo·-cf·$f·&am
0003ecd0:·703b·2667·743b·202f·6465·762f·6e75·6c6c··p;>·/dev/null
0003ece0:·207c·7c20·6563·686f·2022·4661·696c·2074···\|\|·echo·"Fail·t
0003ecf0:·6f20·7661·6c69·6461·7465·2024·6620·7769··o·validate·$f·wi
0003ed00:·7468·2076·6973·7564·6f22·0a20·2066·690a··th·visudo".··fi.
0003ed10:·646f·6e65·0a3c·2f63·6f64·653e·3c2f·7072··done.</code></pr
0003ed20:·653e·3c2f·6469·763e·3c61·2063·6c61·7373··e></div><a·class
0003ed30:·3d22·6274·6e20·6274·6e2d·7375·6363·6573··="btn·btn-succes
0003ed40:·7322·2064·6174·612d·746f·6767·6c65·3d22··s"·data-toggle="
0003ed50:·636f·6c6c·6170·7365·2220·6461·7461·2d74··collapse"·data-t
0003ed60:·6172·6765·743d·2223·6964·6d31·3735·3522··arget="#idm1755"
0003ed70:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro
0003ed80:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria
0003ed90:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false
0003eda0:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat
0003edb0:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre
0003edc0:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati
0003edd0:·6f6e·2041·6e73·6962·6c65·2073·6e69·7070··on·Ansible·snipp		0003e9f0:·6f6e·2041·6e73·6962·6c65·2073·6e69·7070··on·Ansible·snipp
0003ede0:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d		0003ea00:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d
0003edf0:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-		0003ea10:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
0003ee00:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps		0003ea20:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
0003ee10:·6522·2069·643d·2269·646d·3137·3535·223e··e"·id="idm1755">		0003ea30:·6522·2069·643d·2269·646d·3137·3534·223e··e"·id="idm1754">
0003ee20:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta		0003ea40:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta
0003ee30:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe		0003ea50:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe
0003ee40:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered		0003ea60:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered
0003ee50:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed		0003ea70:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed
0003ee60:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple		0003ea80:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple
0003ee70:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo		0003ea90:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo
0003ee80:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><		0003eaa0:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><
0003ee90:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</		0003eab0:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</
0003eea0:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><		0003eac0:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003eeb0:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo		0003ead0:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo
0003eec0:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals		0003eae0:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals
0003eed0:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><		0003eaf0:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><
0003eee0:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th		0003eb00:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th
0003eef0:·3e3c·7464·3e72·6573·7472·6963·743c·2f74··><td>restrict</t		0003eb10:·3e3c·7464·3e72·6573·7472·6963·743c·2f74··><td>restrict</t
0003ef00:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><		0003eb20:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><
0003ef10:·7072·653e·3c63·6f64·653e·2d20·6e61·6d65··pre><code>-·name		0003eb30:·7072·653e·3c63·6f64·653e·2d20·6e61·6d65··pre><code>-·name
0003ef20:·3a20·4669·6e64·202f·6574·632f·7375·646f··:·Find·/etc/sudo		0003eb40:·3a20·4669·6e64·202f·6574·632f·7375·646f··:·Find·/etc/sudo
0003ef30:·6572·732e·642f·2066·696c·6573·0a20·2061··ers.d/·files.··a		0003eb50:·6572·732e·642f·2066·696c·6573·0a20·2061··ers.d/·files.··a
0003ef40:·6e73·6962·6c65·2e62·7569·6c74·696e·2e66··nsible.builtin.f		0003eb60:·6e73·6962·6c65·2e62·7569·6c74·696e·2e66··nsible.builtin.f
0003ef50:·696e·643a·0a20·2020·2070·6174·6873·3a0a··ind:.····paths:.		0003eb70:·696e·643a·0a20·2020·2070·6174·6873·3a0a··ind:.····paths:.
0003ef60:·2020·2020·2d20·2f65·7463·2f73·7564·6f65······-·/etc/sudoe		0003eb80:·2020·2020·2d20·2f65·7463·2f73·7564·6f65······-·/etc/sudoe
0003ef70:·7273·2e64·2f0a·2020·7265·6769·7374·6572··rs.d/.··register		0003eb90:·7273·2e64·2f0a·2020·7265·6769·7374·6572··rs.d/.··register
0003ef80:·3a20·7375·646f·6572·730a·2020·7461·6773··:·sudoers.··tags		0003eba0:·3a20·7375·646f·6572·730a·2020·7461·6773··:·sudoers.··tags
0003ef90:·3a0a·2020·2d20·4e49·5354·2d38·3030·2d35··:.··-·NIST-800-5		0003ebb0:·3a0a·2020·2d20·4e49·5354·2d38·3030·2d35··:.··-·NIST-800-5
0003efa0:·332d·434d·2d36·2861·290a·2020·2d20·4e49··3-CM-6(a).··-·NI		0003ebc0:·332d·434d·2d36·2861·290a·2020·2d20·4e49··3-CM-6(a).··-·NI
0003efb0:·5354·2d38·3030·2d35·332d·4941·2d31·310a··ST-800-53-IA-11.		0003ebd0:·5354·2d38·3030·2d35·332d·4941·2d31·310a··ST-800-53-IA-11.
0003efc0:·2020·2d20·6c6f·775f·636f·6d70·6c65·7869····-·low_complexi		0003ebe0:·2020·2d20·6c6f·775f·636f·6d70·6c65·7869····-·low_complexi
0003efd0:·7479·0a20·202d·206c·6f77·5f64·6973·7275··ty.··-·low_disru		0003ebf0:·7479·0a20·202d·206c·6f77·5f64·6973·7275··ty.··-·low_disru
0003efe0:·7074·696f·6e0a·2020·2d20·6d65·6469·756d··ption.··-·medium		0003ec00:·7074·696f·6e0a·2020·2d20·6d65·6469·756d··ption.··-·medium
0003eff0:·5f73·6576·6572·6974·790a·2020·2d20·6e6f··_severity.··-·no		0003ec10:·5f73·6576·6572·6974·790a·2020·2d20·6e6f··_severity.··-·no
0003~~f00~~0:·5f72·6562·6f6f·745f·6e65·6564·6564·0a20··_reboot_needed.·		0003ec20:·5f72·6562·6f6f·745f·6e65·6564·6564·0a20··_reboot_needed.·
0003~~f01~~0:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra		0003ec30:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra
0003~~f02~~0:·7465·6779·0a20·202d·2073·7564·6f5f·7265··tegy.··-·sudo_re		0003ec40:·7465·6779·0a20·202d·2073·7564·6f5f·7265··tegy.··-·sudo_re
0003~~f03~~0:·6d6f·7665·5f6e·6f5f·6175·7468·656e·7469··move_no_authenti		0003ec50:·6d6f·7665·5f6e·6f5f·6175·7468·656e·7469··move_no_authenti
0003~~f04~~0:·6361·7465·0a0a·2d20·6e61·6d65·3a20·5265··cate..-·name:·Re		0003ec60:·6361·7465·0a0a·2d20·6e61·6d65·3a20·5265··cate..-·name:·Re
0003~~f05~~0:·6d6f·7665·206c·696e·6573·2063·6f6e·7461··move·lines·conta		0003ec70:·6d6f·7665·206c·696e·6573·2063·6f6e·7461··move·lines·conta
0003~~f06~~0:·696e·696e·6720·2161·7574·6865·6e74·6963··ining·!authentic		0003ec80:·696e·696e·6720·2161·7574·6865·6e74·6963··ining·!authentic
Max diff block lines reached; 1005327/1025253 bytes (98.06%) of diff not shown.


Offset 38, 15 lines modified		Offset 38, 15 lines modified
38	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8	38	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8
39	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Profile·for·ANSSI·DAT-NT28·High·(Enforced)·Level	39	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Profile·for·ANSSI·DAT-NT28·High·(Enforced)·Level
40	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_anssi_np_nt28_high	40	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_anssi_np_nt28_high
41	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	41	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
42	····*·cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~	42	····*·cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
43	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	43	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
44	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	44	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
45	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	45	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
46	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	46	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
47	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	47	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
48	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e	48	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e
49	·········2.·_\x8G_\x8R_\x8U_\x8B_\x82_\x8·_\x8b_\x8o_\x8o_\x8t_\x8l_\x8o_\x8a_\x8d_\x8e_\x8r_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n	49	·········2.·_\x8G_\x8R_\x8U_\x8B_\x82_\x8·_\x8b_\x8o_\x8o_\x8t_\x8l_\x8o_\x8a_\x8d_\x8e_\x8r_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n
50	·········3.·_\x8C_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8e_\x8·_\x8S_\x8y_\x8s_\x8l_\x8o_\x8g	50	·········3.·_\x8C_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8e_\x8·_\x8S_\x8y_\x8s_\x8l_\x8o_\x8g
51	·········4.·_\x8F_\x8i_\x8l_\x8e_\x8·_\x8P_\x8e_\x8r_\x8m_\x8i_\x8s_\x8s_\x8i_\x8o_\x8n_\x8s_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8s_\x8k_\x8s	51	·········4.·_\x8F_\x8i_\x8l_\x8e_\x8·_\x8P_\x8e_\x8r_\x8m_\x8i_\x8s_\x8s_\x8i_\x8o_\x8n_\x8s_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8s_\x8k_\x8s
52	···2.·_\x8S_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s	52	···2.·_\x8S_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s
Offset 231, 35 lines modified		Offset 231, 14 lines modified
231	···························1.7,·SR·1.8,·SR·1.9	231	···························1.7,·SR·1.8,·SR·1.9
232	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,	232	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,
233	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3	233	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3
234	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)	234	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)
235	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7	235	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7
236	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,	236	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,
237	···························SRG-OS-000373-GPOS-00158	237	···························SRG-OS-000373-GPOS-00158
238	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
239	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
240	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
241	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
242	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

243	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
244	··if·[·!·-e·"$f"·]·;·then
245	····continue
246	··fi
247	··matching_list=$(grep·-P·'^(?!#).[\s]+\!authenticate.$'·$f·\|·uniq·)
248	··if·!·test·-z·"$matching_list";·then
249	····while·IFS=·read·-r·entry;·do
250	······#·comment·out·"!authenticate"·matches·to·preserve·user·data
251	······sed·-i·"s/^${entry}$/#·&/g"·$f
252	····done·<<<·"$matching_list"

253	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
254	visudo"
255	··fi
256	done
257	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	238	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
258	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	239	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
259	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	240	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
260	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	241	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
261	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict	242	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict
262	-·name:·Find·/etc/sudoers.d/·files	243	-·name:·Find·/etc/sudoers.d/·files
263	··ansible.builtin.find:	244	··ansible.builtin.find:
Offset 290, 14 lines modified		Offset 269, 35 lines modified
290	··-·NIST-800-53-IA-11	269	··-·NIST-800-53-IA-11
291	··-·low_complexity	270	··-·low_complexity
292	··-·low_disruption	271	··-·low_disruption
293	··-·medium_severity	272	··-·medium_severity
294	··-·no_reboot_needed	273	··-·no_reboot_needed
295	··-·restrict_strategy	274	··-·restrict_strategy
296	··-·sudo_remove_no_authenticate	275	··-·sudo_remove_no_authenticate
		276	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
		277	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
		278	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
		279	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
		280	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

		281	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
		282	··if·[·!·-e·"$f"·]·;·then
		283	····continue
		284	··fi
		285	··matching_list=$(grep·-P·'^(?!#).[\s]+\!authenticate.$'·$f·\|·uniq·)
		286	··if·!·test·-z·"$matching_list";·then
		287	····while·IFS=·read·-r·entry;·do
		288	······#·comment·out·"!authenticate"·matches·to·preserve·user·data
		289	······sed·-i·"s/^${entry}$/#·&/g"·$f
		290	····done·<<<·"$matching_list"

		291	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
		292	visudo"
		293	··fi
		294	done
297	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·E\x8En\x8ns\x8su\x8ur\x8re\x8e·U\x8Us\x8se\x8er\x8rs\x8s·R\x8Re\x8e-\x8-A\x8Au\x8ut\x8th\x8he\x8en\x8nt\x8ti\x8ic\x8ca\x8at\x8te\x8e·f\x8fo\x8or\x8r·P\x8Pr\x8ri\x8iv\x8vi\x8il\x8le\x8eg\x8ge\x8e·E\x8Es\x8sc\x8ca\x8al\x8la\x8at\x8ti\x8io\x8on\x8n·-\x8-·s\x8su\x8ud\x8do\x8o	295	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·E\x8En\x8ns\x8su\x8ur\x8re\x8e·U\x8Us\x8se\x8er\x8rs\x8s·R\x8Re\x8e-\x8-A\x8Au\x8ut\x8th\x8he\x8en\x8nt\x8ti\x8ic\x8ca\x8at\x8te\x8e·f\x8fo\x8or\x8r·P\x8Pr\x8ri\x8iv\x8vi\x8il\x8le\x8eg\x8ge\x8e·E\x8Es\x8sc\x8ca\x8al\x8la\x8at\x8ti\x8io\x8on\x8n·-\x8-·s\x8su\x8ud\x8do\x8o
298	N\x8NO\x8OP\x8PA\x8AS\x8SS\x8SW\x8WD\x8D·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8	296	N\x8NO\x8OP\x8PA\x8AS\x8SS\x8SW\x8WD\x8D·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8
299	The·sudo·NOPASSWD·tag,·when·specified,·allows·a·user·to·execute·commands·using	297	The·sudo·NOPASSWD·tag,·when·specified,·allows·a·user·to·execute·commands·using
300	sudo·without·having·to·authenticate.·This·should·be·disabled·by·making·sure	298	sudo·without·having·to·authenticate.·This·should·be·disabled·by·making·sure
301	that·the·NOPASSWD·tag·does·not·exist·in·/etc/sudoers·configuration·file·or·any	299	that·the·NOPASSWD·tag·does·not·exist·in·/etc/sudoers·configuration·file·or·any
302	sudo·configuration·snippets·in·/etc/sudoers.d/.	300	sudo·configuration·snippets·in·/etc/sudoers.d/.
303	············Without·re-authentication,·users·may·access·resources·or·perform	301	············Without·re-authentication,·users·may·access·resources·or·perform
Offset 318, 35 lines modified		Offset 318, 14 lines modified
318	···························1.7,·SR·1.8,·SR·1.9	318	···························1.7,·SR·1.8,·SR·1.9
319	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,	319	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,
320	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3	320	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3
321	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)	321	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)
322	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7	322	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7
323	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,	323	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,
324	···························SRG-OS-000373-GPOS-00158	324	···························SRG-OS-000373-GPOS-00158
325	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
326	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
327	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
328	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
329	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

330	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
331	··if·[·!·-e·"$f"·]·;·then
332	····continue
333	··fi
334	··matching_list=$(grep·-P·'^(?!#).[\s]+NOPASSWD[\s]\:.*$'·$f·\|·uniq·)
335	··if·!·test·-z·"$matching_list";·then
336	····while·IFS=·read·-r·entry;·do
337	······#·comment·out·"NOPASSWD"·matches·to·preserve·user·data
338	······sed·-i·"s/^${entry}$/#·&/g"·$f
339	····done·<<<·"$matching_list"

340	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
341	visudo"
342	··fi
343	done
344	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	325	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
345	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	326	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
346	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	327	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
347	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	328	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
348	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict	329	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict
349	-·name:·Find·/etc/sudoers.d/·files	330	-·name:·Find·/etc/sudoers.d/·files
350	··ansible.builtin.find:	331	··ansible.builtin.find:
Offset 377, 14 lines modified		Offset 356, 35 lines modified
377	··-·NIST-800-53-IA-11	356	··-·NIST-800-53-IA-11
378	··-·low_complexity	357	··-·low_complexity
379	··-·low_disruption	358	··-·low_disruption
Max diff block lines reached; 122751/128505 bytes (95.52%) of diff not shown.


Offset 14281, 15 lines modified		Offset 14281, 15 lines modified
00037c80:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>		00037c80:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>
00037c90:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:		00037c90:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:
00037ca0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<		00037ca0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<
00037cb0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>		00037cb0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>
00037cc0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf		00037cc0:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf
00037cd0:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····		00037cd0:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····
00037ce0:·2020·2020·2020·2020·2020·2020·2020·2028·················(		00037ce0:·2020·2020·2020·2020·2020·2020·2020·2028·················(
00037cf0:·6173·206f·6620·3230·3236·2d30·312d·3038··as·of·2026-01-08		00037cf0:·6173·206f·6620·3230·3234·2d31·322d·3037··as·of·2024-12-07
00037d00:·290a·2020·2020·2020·2020·2020·2020·2020··).··············		00037d00:·290a·2020·2020·2020·2020·2020·2020·2020··).··············
00037d10:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di		00037d10:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di
00037d20:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C		00037d20:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C
00037d30:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>		00037d30:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>
00037d40:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc		00037d40:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc
00037d50:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje		00037d50:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje
00037d60:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group		00037d60:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group
Offset 14774, 147 lines modified		Offset 14774, 147 lines modified
00039b50:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe		00039b50:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
00039b60:·743d·2223·6964·6d31·3735·3422·2074·6162··t="#idm1754"·tab		00039b60:·743d·2223·6964·6d31·3735·3422·2074·6162··t="#idm1754"·tab
00039b70:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="		00039b70:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="
00039b80:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp		00039b80:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp
00039b90:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti		00039b90:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti
00039ba0:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to		00039ba0:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to
00039bb0:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#		00039bb0:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#
00039bc0:·2122·3e52·656d·6564·6961·7469·6f6e·2053··!">Remediation·S
00039bd0:·6865·6c6c·2073·6372·6970·7420·e287·b23c··hell·script·...<
00039be0:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
00039bf0:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
00039c00:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
00039c10:·6964·6d31·3735·3422·3e3c·7461·626c·6520··idm1754"><table·
00039c20:·636c·6173·733d·2274·6162·6c65·2074·6162··class="table·tab
00039c30:·6c65·2d73·7472·6970·6564·2074·6162·6c65··le-striped·table
00039c40:·2d62·6f72·6465·7265·6420·7461·626c·652d··-bordered·table-
00039c50:·636f·6e64·656e·7365·6422·3e3c·7472·3e3c··condensed"><tr><
00039c60:·7468·3e43·6f6d·706c·6578·6974·793a·3c2f··th>Complexity:</
00039c70:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
00039c80:·2f74·723e·3c74·723e·3c74·683e·4469·7372··/tr><tr><th>Disr
00039c90:·7570·7469·6f6e·3a3c·2f74·683e·3c74·643e··uption:</th><td>
00039ca0:·6c6f·773c·2f74·643e·3c2f·7472·3e3c·7472··low</td></tr><tr
00039cb0:·3e3c·7468·3e52·6562·6f6f·743a·3c2f·7468··><th>Reboot:</th
00039cc0:·3e3c·7464·3e66·616c·7365·3c2f·7464·3e3c··><td>false</td><
00039cd0:·2f74·723e·3c74·723e·3c74·683e·5374·7261··/tr><tr><th>Stra
00039ce0:·7465·6779·3a3c·2f74·683e·3c74·643e·7265··tegy:</th><td>re
00039cf0:·7374·7269·6374·3c2f·7464·3e3c·2f74·723e··strict</td></tr>
00039d00:·3c2f·7461·626c·653e·3c70·7265·3e3c·636f··</table><pre><co
00039d10:·6465·3e0a·666f·7220·6620·696e·202f·6574··de>.for·f·in·/et
00039d20:·632f·7375·646f·6572·7320·2f65·7463·2f73··c/sudoers·/etc/s
00039d30:·7564·6f65·7273·2e64·2f2a·203b·2064·6f0a··udoers.d/*·;·do.
00039d40:·2020·6966·205b·2021·202d·6520·2224·6622····if·[·!·-e·"$f"
00039d50:·205d·203b·2074·6865·6e0a·2020·2020·636f···]·;·then.····co
00039d60:·6e74·696e·7565·0a20·2066·690a·2020·6d61··ntinue.··fi.··ma
00039d70:·7463·6869·6e67·5f6c·6973·743d·2428·6772··tching_list=$(gr
00039d80:·6570·202d·5020·275e·283f·2123·292e·2a5b··ep·-P·'^(?!#).*[
00039d90:·5c73·5d2b·5c21·6175·7468·656e·7469·6361··\s]+\!authentica
00039da0:·7465·2e2a·2427·2024·6620·7c20·756e·6971··te.*$'·$f·\|·uniq
00039db0:·2029·0a20·2069·6620·2120·7465·7374·202d···).··if·!·test·-
00039dc0:·7a20·2224·6d61·7463·6869·6e67·5f6c·6973··z·"$matching_lis
00039dd0:·7422·3b20·7468·656e·0a20·2020·2077·6869··t";·then.····whi
00039de0:·6c65·2049·4653·3d20·7265·6164·202d·7220··le·IFS=·read·-r·
00039df0:·656e·7472·793b·2064·6f0a·2020·2020·2020··entry;·do.······
00039e00:·2320·636f·6d6d·656e·7420·6f75·7420·2221··#·comment·out·"!
00039e10:·6175·7468·656e·7469·6361·7465·2220·6d61··authenticate"·ma
00039e20:·7463·6865·7320·746f·2070·7265·7365·7276··tches·to·preserv
00039e30:·6520·7573·6572·2064·6174·610a·2020·2020··e·user·data.····
00039e40:·2020·7365·6420·2d69·2022·732f·5e24·7b65····sed·-i·"s/^${e
00039e50:·6e74·7279·7d24·2f23·2026·616d·703b·2f67··ntry}$/#·&/g
00039e60:·2220·2466·0a20·2020·2064·6f6e·6520·266c··"·$f.····done·&l
00039e70:·743b·266c·743b·266c·743b·2022·246d·6174··t;<<·"$mat
00039e80:·6368·696e·675f·6c69·7374·220a·0a20·2020··ching_list"..···
00039e90:·202f·7573·722f·7362·696e·2f76·6973·7564···/usr/sbin/visud
00039ea0:·6f20·2d63·6620·2466·2026·616d·703b·2667··o·-cf·$f·&&g
00039eb0:·743b·202f·6465·762f·6e75·6c6c·207c·7c20··t;·/dev/null·\|\|·
00039ec0:·6563·686f·2022·4661·696c·2074·6f20·7661··echo·"Fail·to·va
00039ed0:·6c69·6461·7465·2024·6620·7769·7468·2076··lidate·$f·with·v
00039ee0:·6973·7564·6f22·0a20·2066·690a·646f·6e65··isudo".··fi.done
00039ef0:·0a3c·2f63·6f64·653e·3c2f·7072·653e·3c2f··.</code></pre></
00039f00:·6469·763e·3c61·2063·6c61·7373·3d22·6274··div><a·class="bt
00039f10:·6e20·6274·6e2d·7375·6363·6573·7322·2064··n·btn-success"·d
00039f20:·6174·612d·746f·6767·6c65·3d22·636f·6c6c··ata-toggle="coll
00039f30:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
00039f40:·743d·2223·6964·6d31·3735·3522·2074·6162··t="#idm1755"·tab
00039f50:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="
00039f60:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp
00039f70:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti
00039f80:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to
00039f90:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#
00039fa0:·2122·3e52·656d·6564·6961·7469·6f6e·2041··!">Remediation·A		00039bc0:·2122·3e52·656d·6564·6961·7469·6f6e·2041··!">Remediation·A
00039fb0:·6e73·6962·6c65·2073·6e69·7070·6574·20e2··nsible·snippet·.		00039bd0:·6e73·6962·6c65·2073·6e69·7070·6574·20e2··nsible·snippet·.
00039fc0:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c		00039be0:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c
00039fd0:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll		00039bf0:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll
00039fe0:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i		00039c00:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i
00039ff0:·643d·2269·646d·3137·3535·223e·3c74·6162··d="idm1755"><tab		00039c10:·643d·2269·646d·3137·3534·223e·3c74·6162··d="idm1754"><tab
0003~~a00~~0:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·		00039c20:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·
0003~~a01~~0:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta		00039c30:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta
0003~~a02~~0:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab		00039c40:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab
0003~~a03~~0:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t		00039c50:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t
0003~~a04~~0:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity		00039c60:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity
0003~~a05~~0:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t		00039c70:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t
0003~~a06~~0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D		00039c80:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D
0003~~a07~~0:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><		00039c90:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><
0003~~a08~~0:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>		00039ca0:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>
0003~~a09~~0:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<		00039cb0:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<
0003~~a0a~~0:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t		00039cc0:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t
0003~~a0b~~0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S		00039cd0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S
0003~~a0c~~0:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td		00039ce0:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td
0003~~a0d~~0:·3e72·6573·7472·6963·743c·2f74·643e·3c2f··>restrict</td></		00039cf0:·3e72·6573·7472·6963·743c·2f74·643e·3c2f··>restrict</td></
0003~~a0e~~0:·7472·3e3c·2f74·6162·6c65·3e3c·7072·653e··tr></table><pre>		00039d00:·7472·3e3c·2f74·6162·6c65·3e3c·7072·653e··tr></table><pre>
0003~~a0f~~0:·3c63·6f64·653e·2d20·6e61·6d65·3a20·4669··<code>-·name:·Fi		00039d10:·3c63·6f64·653e·2d20·6e61·6d65·3a20·4669··<code>-·name:·Fi
0003~~a10~~0:·6e64·202f·6574·632f·7375·646f·6572·732e··nd·/etc/sudoers.		00039d20:·6e64·202f·6574·632f·7375·646f·6572·732e··nd·/etc/sudoers.
0003~~a11~~0:·642f·2066·696c·6573·0a20·2061·6e73·6962··d/·files.··ansib		00039d30:·642f·2066·696c·6573·0a20·2061·6e73·6962··d/·files.··ansib
0003~~a12~~0:·6c65·2e62·7569·6c74·696e·2e66·696e·643a··le.builtin.find:		00039d40:·6c65·2e62·7569·6c74·696e·2e66·696e·643a··le.builtin.find:
0003~~a13~~0:·0a20·2020·2070·6174·6873·3a0a·2020·2020··.····paths:.····		00039d50:·0a20·2020·2070·6174·6873·3a0a·2020·2020··.····paths:.····
0003~~a14~~0:·2d20·2f65·7463·2f73·7564·6f65·7273·2e64··-·/etc/sudoers.d		00039d60:·2d20·2f65·7463·2f73·7564·6f65·7273·2e64··-·/etc/sudoers.d
0003~~a15~~0:·2f0a·2020·7265·6769·7374·6572·3a20·7375··/.··register:·su		00039d70:·2f0a·2020·7265·6769·7374·6572·3a20·7375··/.··register:·su
0003~~a16~~0:·646f·6572·730a·2020·7461·6773·3a0a·2020··doers.··tags:.··		00039d80:·646f·6572·730a·2020·7461·6773·3a0a·2020··doers.··tags:.··
0003~~a17~~0:·2d20·4e49·5354·2d38·3030·2d35·332d·434d··-·NIST-800-53-CM		00039d90:·2d20·4e49·5354·2d38·3030·2d35·332d·434d··-·NIST-800-53-CM
0003~~a18~~0:·2d36·2861·290a·2020·2d20·4e49·5354·2d38··-6(a).··-·NIST-8		00039da0:·2d36·2861·290a·2020·2d20·4e49·5354·2d38··-6(a).··-·NIST-8
0003~~a19~~0:·3030·2d35·332d·4941·2d31·310a·2020·2d20··00-53-IA-11.··-·		00039db0:·3030·2d35·332d·4941·2d31·310a·2020·2d20··00-53-IA-11.··-·
0003~~a1a~~0:·6c6f·775f·636f·6d70·6c65·7869·7479·0a20··low_complexity.·		00039dc0:·6c6f·775f·636f·6d70·6c65·7869·7479·0a20··low_complexity.·
0003~~a1b~~0:·202d·206c·6f77·5f64·6973·7275·7074·696f···-·low_disruptio		00039dd0:·202d·206c·6f77·5f64·6973·7275·7074·696f···-·low_disruptio
0003~~a1c~~0:·6e0a·2020·2d20·6d65·6469·756d·5f73·6576··n.··-·medium_sev		00039de0:·6e0a·2020·2d20·6d65·6469·756d·5f73·6576··n.··-·medium_sev
0003~~a1d~~0:·6572·6974·790a·2020·2d20·6e6f·5f72·6562··erity.··-·no_reb		00039df0:·6572·6974·790a·2020·2d20·6e6f·5f72·6562··erity.··-·no_reb
0003~~a1e~~0:·6f6f·745f·6e65·6564·6564·0a20·202d·2072··oot_needed.··-·r		00039e00:·6f6f·745f·6e65·6564·6564·0a20·202d·2072··oot_needed.··-·r
0003~~a1f~~0:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy		00039e10:·6573·7472·6963·745f·7374·7261·7465·6779··estrict_strategy
0003~~a20~~0:·0a20·202d·2073·7564·6f5f·7265·6d6f·7665··.··-·sudo_remove		00039e20:·0a20·202d·2073·7564·6f5f·7265·6d6f·7665··.··-·sudo_remove
0003~~a21~~0:·5f6e·6f5f·6175·7468·656e·7469·6361·7465··_no_authenticate		00039e30:·5f6e·6f5f·6175·7468·656e·7469·6361·7465··_no_authenticate
0003~~a22~~0:·0a0a·2d20·6e61·6d65·3a20·5265·6d6f·7665··..-·name:·Remove		00039e40:·0a0a·2d20·6e61·6d65·3a20·5265·6d6f·7665··..-·name:·Remove
0003~~a23~~0:·206c·696e·6573·2063·6f6e·7461·696e·696e···lines·containin		00039e50:·206c·696e·6573·2063·6f6e·7461·696e·696e···lines·containin
Max diff block lines reached; 250530/270594 bytes (92.59%) of diff not shown.


Offset 36, 15 lines modified		Offset 36, 15 lines modified
36	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8	36	\x8\x8\x8\x8\x8·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·\x8\x8\x8\x8\x8
37	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Profile·for·ANSSI·DAT-NT28·Minimal·Level	37	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Profile·for·ANSSI·DAT-NT28·Minimal·Level
38	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_anssi_np_nt28_minimal	38	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_anssi_np_nt28_minimal
39	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	39	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
40	····*·cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~	40	····*·cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
41	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	41	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
42	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	42	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
43	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	43	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
44	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	44	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
45	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	45	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
46	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e	46	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e
47	·········2.·_\x8F_\x8i_\x8l_\x8e_\x8·_\x8P_\x8e_\x8r_\x8m_\x8i_\x8s_\x8s_\x8i_\x8o_\x8n_\x8s_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8s_\x8k_\x8s	47	·········2.·_\x8F_\x8i_\x8l_\x8e_\x8·_\x8P_\x8e_\x8r_\x8m_\x8i_\x8s_\x8s_\x8i_\x8o_\x8n_\x8s_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8s_\x8k_\x8s
48	···2.·_\x8S_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s	48	···2.·_\x8S_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s
49	·········1.·_\x8A_\x8P_\x8T_\x8·_\x8s_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n	49	·········1.·_\x8A_\x8P_\x8T_\x8·_\x8s_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n
50	·········2.·_\x8D_\x8e_\x8p_\x8r_\x8e_\x8c_\x8a_\x8t_\x8e_\x8d_\x8·_\x8s_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s	50	·········2.·_\x8D_\x8e_\x8p_\x8r_\x8e_\x8c_\x8a_\x8t_\x8e_\x8d_\x8·_\x8s_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s
Offset 90, 35 lines modified		Offset 90, 14 lines modified
90	···························1.7,·SR·1.8,·SR·1.9	90	···························1.7,·SR·1.8,·SR·1.9
91	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,	91	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,
92	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3	92	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3
93	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)	93	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)
94	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7	94	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7
95	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,	95	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,
96	···························SRG-OS-000373-GPOS-00158	96	···························SRG-OS-000373-GPOS-00158
97	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
98	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
99	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
100	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
101	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

102	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
103	··if·[·!·-e·"$f"·]·;·then
104	····continue
105	··fi
106	··matching_list=$(grep·-P·'^(?!#).[\s]+\!authenticate.$'·$f·\|·uniq·)
107	··if·!·test·-z·"$matching_list";·then
108	····while·IFS=·read·-r·entry;·do
109	······#·comment·out·"!authenticate"·matches·to·preserve·user·data
110	······sed·-i·"s/^${entry}$/#·&/g"·$f
111	····done·<<<·"$matching_list"

112	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
113	visudo"
114	··fi
115	done
116	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	97	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
117	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	98	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
118	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	99	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
119	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	100	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
120	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict	101	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict
121	-·name:·Find·/etc/sudoers.d/·files	102	-·name:·Find·/etc/sudoers.d/·files
122	··ansible.builtin.find:	103	··ansible.builtin.find:
Offset 149, 14 lines modified		Offset 128, 35 lines modified
149	··-·NIST-800-53-IA-11	128	··-·NIST-800-53-IA-11
150	··-·low_complexity	129	··-·low_complexity
151	··-·low_disruption	130	··-·low_disruption
152	··-·medium_severity	131	··-·medium_severity
153	··-·no_reboot_needed	132	··-·no_reboot_needed
154	··-·restrict_strategy	133	··-·restrict_strategy
155	··-·sudo_remove_no_authenticate	134	··-·sudo_remove_no_authenticate
		135	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
		136	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
		137	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
		138	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
		139	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

		140	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
		141	··if·[·!·-e·"$f"·]·;·then
		142	····continue
		143	··fi
		144	··matching_list=$(grep·-P·'^(?!#).[\s]+\!authenticate.$'·$f·\|·uniq·)
		145	··if·!·test·-z·"$matching_list";·then
		146	····while·IFS=·read·-r·entry;·do
		147	······#·comment·out·"!authenticate"·matches·to·preserve·user·data
		148	······sed·-i·"s/^${entry}$/#·&/g"·$f
		149	····done·<<<·"$matching_list"

		150	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
		151	visudo"
		152	··fi
		153	done
156	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·E\x8En\x8ns\x8su\x8ur\x8re\x8e·U\x8Us\x8se\x8er\x8rs\x8s·R\x8Re\x8e-\x8-A\x8Au\x8ut\x8th\x8he\x8en\x8nt\x8ti\x8ic\x8ca\x8at\x8te\x8e·f\x8fo\x8or\x8r·P\x8Pr\x8ri\x8iv\x8vi\x8il\x8le\x8eg\x8ge\x8e·E\x8Es\x8sc\x8ca\x8al\x8la\x8at\x8ti\x8io\x8on\x8n·-\x8-·s\x8su\x8ud\x8do\x8o	154	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·E\x8En\x8ns\x8su\x8ur\x8re\x8e·U\x8Us\x8se\x8er\x8rs\x8s·R\x8Re\x8e-\x8-A\x8Au\x8ut\x8th\x8he\x8en\x8nt\x8ti\x8ic\x8ca\x8at\x8te\x8e·f\x8fo\x8or\x8r·P\x8Pr\x8ri\x8iv\x8vi\x8il\x8le\x8eg\x8ge\x8e·E\x8Es\x8sc\x8ca\x8al\x8la\x8at\x8ti\x8io\x8on\x8n·-\x8-·s\x8su\x8ud\x8do\x8o
157	N\x8NO\x8OP\x8PA\x8AS\x8SS\x8SW\x8WD\x8D·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8	155	N\x8NO\x8OP\x8PA\x8AS\x8SS\x8SW\x8WD\x8D·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8
158	The·sudo·NOPASSWD·tag,·when·specified,·allows·a·user·to·execute·commands·using	156	The·sudo·NOPASSWD·tag,·when·specified,·allows·a·user·to·execute·commands·using
159	sudo·without·having·to·authenticate.·This·should·be·disabled·by·making·sure	157	sudo·without·having·to·authenticate.·This·should·be·disabled·by·making·sure
160	that·the·NOPASSWD·tag·does·not·exist·in·/etc/sudoers·configuration·file·or·any	158	that·the·NOPASSWD·tag·does·not·exist·in·/etc/sudoers·configuration·file·or·any
161	sudo·configuration·snippets·in·/etc/sudoers.d/.	159	sudo·configuration·snippets·in·/etc/sudoers.d/.
162	············Without·re-authentication,·users·may·access·resources·or·perform	160	············Without·re-authentication,·users·may·access·resources·or·perform
Offset 177, 35 lines modified		Offset 177, 14 lines modified
177	···························1.7,·SR·1.8,·SR·1.9	177	···························1.7,·SR·1.8,·SR·1.9
178	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,	178	············_\x8i_\x8s_\x8o_\x82_\x87_\x80_\x80_\x81_\x8-_\x82_\x80_\x81_\x83··A.18.1.4,·A.9.2.1,·A.9.2.2,·A.9.2.3,·A.9.2.4,
179	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3	179	···························A.9.2.6,·A.9.3.1,·A.9.4.2,·A.9.4.3
180	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)	180	············_\x8n_\x8i_\x8s_\x8t···········IA-11,·CM-6(a)
181	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7	181	············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-1,·PR.AC-7
182	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,	182	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000373-GPOS-00156,·SRG-OS-000373-GPOS-00157,
183	···························SRG-OS-000373-GPOS-00158	183	···························SRG-OS-000373-GPOS-00158
184	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
185	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
186	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
187	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
188	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict

189	for·f·in·/etc/sudoers·/etc/sudoers.d/*·;·do
190	··if·[·!·-e·"$f"·]·;·then
191	····continue
192	··fi
193	··matching_list=$(grep·-P·'^(?!#).[\s]+NOPASSWD[\s]\:.*$'·$f·\|·uniq·)
194	··if·!·test·-z·"$matching_list";·then
195	····while·IFS=·read·-r·entry;·do
196	······#·comment·out·"NOPASSWD"·matches·to·preserve·user·data
197	······sed·-i·"s/^${entry}$/#·&/g"·$f
198	····done·<<<·"$matching_list"

199	····/usr/sbin/visudo·-cf·$f·&>·/dev/null·\|\|·echo·"Fail·to·validate·$f·with
200	visudo"
201	··fi
202	done
203	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	184	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
204	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	185	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
205	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	186	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
206	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	187	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
207	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict	188	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict
208	-·name:·Find·/etc/sudoers.d/·files	189	-·name:·Find·/etc/sudoers.d/·files
209	··ansible.builtin.find:	190	··ansible.builtin.find:
Offset 236, 14 lines modified		Offset 215, 35 lines modified
236	··-·NIST-800-53-IA-11	215	··-·NIST-800-53-IA-11
237	··-·low_complexity	216	··-·low_complexity
238	··-·low_disruption	217	··-·low_disruption
Max diff block lines reached; 32794/38535 bytes (85.10%) of diff not shown.


Offset 14285, 15 lines modified		Offset 14285, 15 lines modified
00037cc0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>		00037cc0:·2048·6973·746f·7279·3c2f·6832·3e3c·703e···History</h2><p>
00037cd0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:		00037cd0:·4375·7272·656e·7420·7665·7273·696f·6e3a··Current·version:
00037ce0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<		00037ce0:·203c·7374·726f·6e67·3e30·2e31·2e37·343c···<strong>0.1.74<
00037cf0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>		00037cf0:·2f73·7472·6f6e·673e·3c2f·703e·3c75·6c3e··/strong></p><ul>
00037d00:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf		00037d00:·3c6c·693e·3c73·7472·6f6e·673e·6472·6166··<li><strong>draf
00037d10:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····		00037d10:·743c·2f73·7472·6f6e·673e·0a20·2020·2020··t</strong>.·····
00037d20:·2020·2020·2020·2020·2020·2020·2020·2028·················(		00037d20:·2020·2020·2020·2020·2020·2020·2020·2028·················(
00037d30:·6173·206f·6620·3230·3236·2d30·312d·3038··as·of·2026-01-08		00037d30:·6173·206f·6620·3230·3234·2d31·322d·3037··as·of·2024-12-07
00037d40:·290a·2020·2020·2020·2020·2020·2020·2020··).··············		00037d40:·290a·2020·2020·2020·2020·2020·2020·2020··).··············
00037d50:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di		00037d50:·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f·6469····</li></ul></di
00037d60:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C		00037d60:·763e·3c68·323e·5461·626c·6520·6f66·2043··v><h2>Table·of·C
00037d70:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>		00037d70:·6f6e·7465·6e74·733c·2f68·323e·3c6f·6c3e··ontents</h2><ol>
00037d80:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc		00037d80:·3c6c·693e·3c61·2068·7265·663d·2223·7863··<li><a·href="#xc
00037d90:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje		00037d90:·6364·665f·6f72·672e·7373·6770·726f·6a65··cdf_org.ssgproje
00037da0:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group		00037da0:·6374·2e63·6f6e·7465·6e74·5f67·726f·7570··ct.content_group
Offset 16015, 146 lines modified		Offset 16015, 146 lines modified
0003e8e0:·2220·6461·7461·2d74·6172·6765·743d·2223··"·data-target="#		0003e8e0:·2220·6461·7461·2d74·6172·6765·743d·2223··"·data-target="#
0003e8f0:·6964·6d31·3735·3422·2074·6162·696e·6465··idm1754"·tabinde		0003e8f0:·6964·6d31·3735·3422·2074·6162·696e·6465··idm1754"·tabinde
0003e900:·783d·2230·2220·726f·6c65·3d22·6275·7474··x="0"·role="butt		0003e900:·783d·2230·2220·726f·6c65·3d22·6275·7474··x="0"·role="butt
0003e910:·6f6e·2220·6172·6961·2d65·7870·616e·6465··on"·aria-expande		0003e910:·6f6e·2220·6172·6961·2d65·7870·616e·6465··on"·aria-expande
0003e920:·643d·2266·616c·7365·2220·7469·746c·653d··d="false"·title=		0003e920:·643d·2266·616c·7365·2220·7469·746c·653d··d="false"·title=
0003e930:·2241·6374·6976·6174·6520·746f·2072·6576··"Activate·to·rev		0003e930:·2241·6374·6976·6174·6520·746f·2072·6576··"Activate·to·rev
0003e940:·6561·6c22·2068·7265·663d·2223·2122·3e52··eal"·href="#!">R		0003e940:·6561·6c22·2068·7265·663d·2223·2122·3e52··eal"·href="#!">R
0003e950:·656d·6564·6961·7469·6f6e·2053·6865·6c6c··emediation·Shell
0003e960:·2073·6372·6970·7420·e287·b23c·2f61·3e3c···script·...</a><
0003e970:·6272·3e3c·6469·7620·636c·6173·733d·2270··br><div·class="p
0003e980:·616e·656c·2d63·6f6c·6c61·7073·6520·636f··anel-collapse·co
0003e990:·6c6c·6170·7365·2220·6964·3d22·6964·6d31··llapse"·id="idm1
0003e9a0:·3735·3422·3e3c·7461·626c·6520·636c·6173··754"><table·clas
0003e9b0:·733d·2274·6162·6c65·2074·6162·6c65·2d73··s="table·table-s
0003e9c0:·7472·6970·6564·2074·6162·6c65·2d62·6f72··triped·table-bor
0003e9d0:·6465·7265·6420·7461·626c·652d·636f·6e64··dered·table-cond
0003e9e0:·656e·7365·6422·3e3c·7472·3e3c·7468·3e43··ensed"><tr><th>C
0003e9f0:·6f6d·706c·6578·6974·793a·3c2f·7468·3e3c··omplexity:</th><
0003ea00:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>
0003ea10:·3c74·723e·3c74·683e·4469·7372·7570·7469··<tr><th>Disrupti
0003ea20:·6f6e·3a3c·2f74·683e·3c74·643e·6c6f·773c··on:</th><td>low<
0003ea30:·2f74·643e·3c2f·7472·3e3c·7472·3e3c·7468··/td></tr><tr><th
0003ea40:·3e52·6562·6f6f·743a·3c2f·7468·3e3c·7464··>Reboot:</th><td
0003ea50:·3e66·616c·7365·3c2f·7464·3e3c·2f74·723e··>false</td></tr>
0003ea60:·3c74·723e·3c74·683e·5374·7261·7465·6779··<tr><th>Strategy
0003ea70:·3a3c·2f74·683e·3c74·643e·7265·7374·7269··:</th><td>restri
0003ea80:·6374·3c2f·7464·3e3c·2f74·723e·3c2f·7461··ct</td></tr></ta
0003ea90:·626c·653e·3c70·7265·3e3c·636f·6465·3e0a··ble><pre><code>.
0003eaa0:·666f·7220·6620·696e·202f·6574·632f·7375··for·f·in·/etc/su
0003eab0:·646f·6572·7320·2f65·7463·2f73·7564·6f65··doers·/etc/sudoe
0003eac0:·7273·2e64·2f2a·203b·2064·6f0a·2020·6966··rs.d/*·;·do.··if
0003ead0:·205b·2021·202d·6520·2224·6622·205d·203b···[·!·-e·"$f"·]·;
0003eae0:·2074·6865·6e0a·2020·2020·636f·6e74·696e···then.····contin
0003eaf0:·7565·0a20·2066·690a·2020·6d61·7463·6869··ue.··fi.··matchi
0003eb00:·6e67·5f6c·6973·743d·2428·6772·6570·202d··ng_list=$(grep·-
0003eb10:·5020·275e·283f·2123·292e·2a5b·5c73·5d2b··P·'^(?!#).*[\s]+
0003eb20:·5c21·6175·7468·656e·7469·6361·7465·2e2a··\!authenticate.*
0003eb30:·2427·2024·6620·7c20·756e·6971·2029·0a20··$'·$f·\|·uniq·).·
0003eb40:·2069·6620·2120·7465·7374·202d·7a20·2224···if·!·test·-z·"$
0003eb50:·6d61·7463·6869·6e67·5f6c·6973·7422·3b20··matching_list";·
0003eb60:·7468·656e·0a20·2020·2077·6869·6c65·2049··then.····while·I
0003eb70:·4653·3d20·7265·6164·202d·7220·656e·7472··FS=·read·-r·entr
0003eb80:·793b·2064·6f0a·2020·2020·2020·2320·636f··y;·do.······#·co
0003eb90:·6d6d·656e·7420·6f75·7420·2221·6175·7468··mment·out·"!auth
0003eba0:·656e·7469·6361·7465·2220·6d61·7463·6865··enticate"·matche
0003ebb0:·7320·746f·2070·7265·7365·7276·6520·7573··s·to·preserve·us
0003ebc0:·6572·2064·6174·610a·2020·2020·2020·7365··er·data.······se
0003ebd0:·6420·2d69·2022·732f·5e24·7b65·6e74·7279··d·-i·"s/^${entry
0003ebe0:·7d24·2f23·2026·616d·703b·2f67·2220·2466··}$/#·&/g"·$f
0003ebf0:·0a20·2020·2064·6f6e·6520·266c·743b·266c··.····done·<&l
0003ec00:·743b·266c·743b·2022·246d·6174·6368·696e··t;<·"$matchin
0003ec10:·675f·6c69·7374·220a·0a20·2020·202f·7573··g_list"..····/us
0003ec20:·722f·7362·696e·2f76·6973·7564·6f20·2d63··r/sbin/visudo·-c
0003ec30:·6620·2466·2026·616d·703b·2667·743b·202f··f·$f·&>·/
0003ec40:·6465·762f·6e75·6c6c·207c·7c20·6563·686f··dev/null·\|\|·echo
0003ec50:·2022·4661·696c·2074·6f20·7661·6c69·6461···"Fail·to·valida
0003ec60:·7465·2024·6620·7769·7468·2076·6973·7564··te·$f·with·visud
0003ec70:·6f22·0a20·2066·690a·646f·6e65·0a3c·2f63··o".··fi.done.</c
0003ec80:·6f64·653e·3c2f·7072·653e·3c2f·6469·763e··ode></pre></div>
0003ec90:·3c61·2063·6c61·7373·3d22·6274·6e20·6274··<a·class="btn·bt
0003eca0:·6e2d·7375·6363·6573·7322·2064·6174·612d··n-success"·data-
0003ecb0:·746f·6767·6c65·3d22·636f·6c6c·6170·7365··toggle="collapse
0003ecc0:·2220·6461·7461·2d74·6172·6765·743d·2223··"·data-target="#
0003ecd0:·6964·6d31·3735·3522·2074·6162·696e·6465··idm1755"·tabinde
0003ece0:·783d·2230·2220·726f·6c65·3d22·6275·7474··x="0"·role="butt
0003ecf0:·6f6e·2220·6172·6961·2d65·7870·616e·6465··on"·aria-expande
0003ed00:·643d·2266·616c·7365·2220·7469·746c·653d··d="false"·title=
0003ed10:·2241·6374·6976·6174·6520·746f·2072·6576··"Activate·to·rev
0003ed20:·6561·6c22·2068·7265·663d·2223·2122·3e52··eal"·href="#!">R
0003ed30:·656d·6564·6961·7469·6f6e·2041·6e73·6962··emediation·Ansib		0003e950:·656d·6564·6961·7469·6f6e·2041·6e73·6962··emediation·Ansib
0003ed40:·6c65·2073·6e69·7070·6574·20e2·87b2·3c2f··le·snippet·...</		0003e960:·6c65·2073·6e69·7070·6574·20e2·87b2·3c2f··le·snippet·...</
0003ed50:·613e·3c62·723e·3c64·6976·2063·6c61·7373··a><br><div·class		0003e970:·613e·3c62·723e·3c64·6976·2063·6c61·7373··a><br><div·class
0003ed60:·3d22·7061·6e65·6c2d·636f·6c6c·6170·7365··="panel-collapse		0003e980:·3d22·7061·6e65·6c2d·636f·6c6c·6170·7365··="panel-collapse
0003ed70:·2063·6f6c·6c61·7073·6522·2069·643d·2269···collapse"·id="i		0003e990:·2063·6f6c·6c61·7073·6522·2069·643d·2269···collapse"·id="i
0003ed80:·646d·3137·3535·223e·3c74·6162·6c65·2063··dm1755"><table·c		0003e9a0:·646d·3137·3534·223e·3c74·6162·6c65·2063··dm1754"><table·c
0003ed90:·6c61·7373·3d22·7461·626c·6520·7461·626c··lass="table·tabl		0003e9b0:·6c61·7373·3d22·7461·626c·6520·7461·626c··lass="table·tabl
0003eda0:·652d·7374·7269·7065·6420·7461·626c·652d··e-striped·table-		0003e9c0:·652d·7374·7269·7065·6420·7461·626c·652d··e-striped·table-
0003edb0:·626f·7264·6572·6564·2074·6162·6c65·2d63··bordered·table-c		0003e9d0:·626f·7264·6572·6564·2074·6162·6c65·2d63··bordered·table-c
0003edc0:·6f6e·6465·6e73·6564·223e·3c74·723e·3c74··ondensed"><tr><t		0003e9e0:·6f6e·6465·6e73·6564·223e·3c74·723e·3c74··ondensed"><tr><t
0003edd0:·683e·436f·6d70·6c65·7869·7479·3a3c·2f74··h>Complexity:</t		0003e9f0:·683e·436f·6d70·6c65·7869·7479·3a3c·2f74··h>Complexity:</t
0003ede0:·683e·3c74·643e·6c6f·773c·2f74·643e·3c2f··h><td>low</td></		0003ea00:·683e·3c74·643e·6c6f·773c·2f74·643e·3c2f··h><td>low</td></
0003edf0:·7472·3e3c·7472·3e3c·7468·3e44·6973·7275··tr><tr><th>Disru		0003ea10:·7472·3e3c·7472·3e3c·7468·3e44·6973·7275··tr><tr><th>Disru
0003ee00:·7074·696f·6e3a·3c2f·7468·3e3c·7464·3e6c··ption:</th><td>l		0003ea20:·7074·696f·6e3a·3c2f·7468·3e3c·7464·3e6c··ption:</th><td>l
0003ee10:·6f77·3c2f·7464·3e3c·2f74·723e·3c74·723e··ow</td></tr><tr>		0003ea30:·6f77·3c2f·7464·3e3c·2f74·723e·3c74·723e··ow</td></tr><tr>
0003ee20:·3c74·683e·5265·626f·6f74·3a3c·2f74·683e··<th>Reboot:</th>		0003ea40:·3c74·683e·5265·626f·6f74·3a3c·2f74·683e··<th>Reboot:</th>
0003ee30:·3c74·643e·6661·6c73·653c·2f74·643e·3c2f··<td>false</td></		0003ea50:·3c74·643e·6661·6c73·653c·2f74·643e·3c2f··<td>false</td></
0003ee40:·7472·3e3c·7472·3e3c·7468·3e53·7472·6174··tr><tr><th>Strat		0003ea60:·7472·3e3c·7472·3e3c·7468·3e53·7472·6174··tr><tr><th>Strat
0003ee50:·6567·793a·3c2f·7468·3e3c·7464·3e72·6573··egy:</th><td>res		0003ea70:·6567·793a·3c2f·7468·3e3c·7464·3e72·6573··egy:</th><td>res
0003ee60:·7472·6963·743c·2f74·643e·3c2f·7472·3e3c··trict</td></tr><		0003ea80:·7472·6963·743c·2f74·643e·3c2f·7472·3e3c··trict</td></tr><
0003ee70:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod		0003ea90:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod
0003ee80:·653e·2d20·6e61·6d65·3a20·4669·6e64·202f··e>-·name:·Find·/		0003eaa0:·653e·2d20·6e61·6d65·3a20·4669·6e64·202f··e>-·name:·Find·/
0003ee90:·6574·632f·7375·646f·6572·732e·642f·2066··etc/sudoers.d/·f		0003eab0:·6574·632f·7375·646f·6572·732e·642f·2066··etc/sudoers.d/·f
0003eea0:·696c·6573·0a20·2061·6e73·6962·6c65·2e62··iles.··ansible.b		0003eac0:·696c·6573·0a20·2061·6e73·6962·6c65·2e62··iles.··ansible.b
0003eeb0:·7569·6c74·696e·2e66·696e·643a·0a20·2020··uiltin.find:.···		0003ead0:·7569·6c74·696e·2e66·696e·643a·0a20·2020··uiltin.find:.···
0003eec0:·2070·6174·6873·3a0a·2020·2020·2d20·2f65···paths:.····-·/e		0003eae0:·2070·6174·6873·3a0a·2020·2020·2d20·2f65···paths:.····-·/e
0003eed0:·7463·2f73·7564·6f65·7273·2e64·2f0a·2020··tc/sudoers.d/.··		0003eaf0:·7463·2f73·7564·6f65·7273·2e64·2f0a·2020··tc/sudoers.d/.··
0003eee0:·7265·6769·7374·6572·3a20·7375·646f·6572··register:·sudoer		0003eb00:·7265·6769·7374·6572·3a20·7375·646f·6572··register:·sudoer
0003eef0:·730a·2020·7461·6773·3a0a·2020·2d20·4e49··s.··tags:.··-·NI		0003eb10:·730a·2020·7461·6773·3a0a·2020·2d20·4e49··s.··tags:.··-·NI
0003ef00:·5354·2d38·3030·2d35·332d·434d·2d36·2861··ST-800-53-CM-6(a		0003eb20:·5354·2d38·3030·2d35·332d·434d·2d36·2861··ST-800-53-CM-6(a
0003ef10:·290a·2020·2d20·4e49·5354·2d38·3030·2d35··).··-·NIST-800-5		0003eb30:·290a·2020·2d20·4e49·5354·2d38·3030·2d35··).··-·NIST-800-5
0003ef20:·332d·4941·2d31·310a·2020·2d20·6c6f·775f··3-IA-11.··-·low_		0003eb40:·332d·4941·2d31·310a·2020·2d20·6c6f·775f··3-IA-11.··-·low_
0003ef30:·636f·6d70·6c65·7869·7479·0a20·202d·206c··complexity.··-·l		0003eb50:·636f·6d70·6c65·7869·7479·0a20·202d·206c··complexity.··-·l
0003ef40:·6f77·5f64·6973·7275·7074·696f·6e0a·2020··ow_disruption.··		0003eb60:·6f77·5f64·6973·7275·7074·696f·6e0a·2020··ow_disruption.··
0003ef50:·2d20·6d65·6469·756d·5f73·6576·6572·6974··-·medium_severit		0003eb70:·2d20·6d65·6469·756d·5f73·6576·6572·6974··-·medium_severit
0003ef60:·790a·2020·2d20·6e6f·5f72·6562·6f6f·745f··y.··-·no_reboot_		0003eb80:·790a·2020·2d20·6e6f·5f72·6562·6f6f·745f··y.··-·no_reboot_
0003ef70:·6e65·6564·6564·0a20·202d·2072·6573·7472··needed.··-·restr		0003eb90:·6e65·6564·6564·0a20·202d·2072·6573·7472··needed.··-·restr
0003ef80:·6963·745f·7374·7261·7465·6779·0a20·202d··ict_strategy.··-		0003eba0:·6963·745f·7374·7261·7465·6779·0a20·202d··ict_strategy.··-
0003ef90:·2073·7564·6f5f·7265·6d6f·7665·5f6e·6f5f···sudo_remove_no_		0003ebb0:·2073·7564·6f5f·7265·6d6f·7665·5f6e·6f5f···sudo_remove_no_
0003efa0:·6175·7468·656e·7469·6361·7465·0a0a·2d20··authenticate..-·		0003ebc0:·6175·7468·656e·7469·6361·7465·0a0a·2d20··authenticate..-·
0003efb0:·6e61·6d65·3a20·5265·6d6f·7665·206c·696e··name:·Remove·lin		0003ebd0:·6e61·6d65·3a20·5265·6d6f·7665·206c·696e··name:·Remove·lin
0003efc0:·6573·2063·6f6e·7461·696e·696e·6720·2161··es·containing·!a		0003ebe0:·6573·2063·6f6e·7461·696e·696e·6720·2161··es·containing·!a
Max diff block lines reached; 990878/1010804 bytes (98.03%) of diff not shown.

+*\x8**\x8**\x8**\x8**\x8*·P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8In\x8nf\x8fo\x8or\x8rm\x8ma\x8at\x8ti\x8io\x8on\x8n·*\x8**\x8**\x8**\x8**\x8*
+P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Standard·System·Security·Profile·for·Ubuntu·16.04
+P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_standard
+*\x8**\x8**\x8*·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·*\x8**\x8**\x8*
+····*·cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
+*\x8**\x8**\x8**\x8**\x8*·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·*\x8**\x8**\x8**\x8**\x8*
+Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
+····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
+*\x8**\x8**\x8**\x8**\x8*·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·*\x8**\x8**\x8**\x8**\x8*
+···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
+·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e
+·········2.·_\x8C_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8e_\x8·_\x8S_\x8y_\x8s_\x8l_\x8o_\x8g
+·········3.·_\x8F_\x8i_\x8l_\x8e_\x8·_\x8P_\x8e_\x8r_\x8m_\x8i_\x8s_\x8s_\x8i_\x8o_\x8n_\x8s_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8s_\x8k_\x8s
+···2.·_\x8S_\x8e_\x8r_\x8v_\x8i_\x8c_\x8e_\x8s
+·········1.·_\x8C_\x8r_\x8o_\x8n_\x8·_\x8a_\x8n_\x8d_\x8·_\x8A_\x8t_\x8·_\x8D_\x8a_\x8e_\x8m_\x8o_\x8n_\x8s
+············_\x8n_\x8e_\x8r_\x8c_\x8-_\x8c_\x8i_\x8p·······CIP-007-3·R2.1,·CIP-007-3·R2.2,·CIP-007-3·R2.3,·CIP-
+···························007-3·R5.1,·CIP-007-3·R5.1.1,·CIP-007-3·R5.1.2
+············_\x8n_\x8i_\x8s_\x8t···········CM-6(a),·AC-6(1)
+············_\x8n_\x8i_\x8s_\x8t_\x8-_\x8c_\x8s_\x8f·······PR.AC-4,·PR.DS-5
+············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s·········Req-10.5.1,·Req-10.5.2
+············_\x8a_\x8n_\x8s_\x8s_\x8i··········R71
+············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s_\x84········10.3.2
+_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
+#·Remediation·is·applicable·only·in·certain·platforms
+if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then
+#·List·of·log·file·paths·to·be·inspected·for·correct·permissions
+#·*·Primarily·inspect·log·file·paths·listed·in·/etc/rsyslog.conf
+RSYSLOG_ETC_CONFIG="/etc/rsyslog.conf"
+#·*·And·also·the·log·file·paths·listed·after·rsyslog's·$IncludeConfig·directive
+#···(store·the·result·into·array·for·the·case·there's·shell·glob·used·as·value
+of·IncludeConfig)
+readarray·-t·OLD_INC·<·<(grep·-e·"\$IncludeConfig[[:space:]]\+[^[:space:];]\+"
+/etc/rsyslog.conf·|·cut·-d·'·'·-f·2)
+readarray·-t·RSYSLOG_INCLUDE_CONFIG·<·<(for·INCPATH·in·"${OLD_INC[@]}";·do·eval
+printf·'%s\\n'·"${INCPATH}";·done)
+readarray·-t·NEW_INC·<·<(sed·-n·'/^\s*include(/,/)/Ip'·/etc/rsyslog.conf·|·sed
+-n·'s@.*file\s*=\s*"\([/[:alnum:][:punct:]]*\)".*@\1@Ip')
+readarray·-t·RSYSLOG_INCLUDE·<·<(for·INCPATH·in·"${NEW_INC[@]}";·do·eval·printf
+'%s\\n'·"${INCPATH}";·done)
+#·Declare·an·array·to·hold·the·final·list·of·different·log·file·paths
+declare·-a·LOG_FILE_PATHS
+#·Array·to·hold·all·rsyslog·config·entries
+RSYSLOG_CONFIGS=()
+RSYSLOG_CONFIGS=("${RSYSLOG_ETC_CONFIG}"·"${RSYSLOG_INCLUDE_CONFIG[@]}"·"$
+{RSYSLOG_INCLUDE[@]}")
+#·Get·full·list·of·files·to·be·checked
+#·RSYSLOG_CONFIGS·may·contain·globs·such·as
+#·/etc/rsyslog.d/*.conf·/etc/rsyslog.d/*.frule
+#·So,·loop·over·the·entries·in·RSYSLOG_CONFIGS·and·use·find·to·get·the·list·of
+included·files.
+RSYSLOG_CONFIG_FILES=()
+for·ENTRY·in·"${RSYSLOG_CONFIGS[@]}"
+do
+»       #·If·directory,·rsyslog·will·search·for·config·files·in·recursively.
+»       #·However,·files·in·hidden·sub-directories·or·hidden·files·will·be·ignored.
+»       if·[·-d·"${ENTRY}"·]
+»       then
+»       »       readarray·-t·FINDOUT·<·<(find·"${ENTRY}"·-not·-path·'*/.*'·-type·f)
+»       »       RSYSLOG_CONFIG_FILES+=("${FINDOUT[@]}")
+»       elif·[·-f·"${ENTRY}"·]
+»       then
+»       »       RSYSLOG_CONFIG_FILES+=("${ENTRY}")
+»       else
+»       »       echo·"Invalid·include·object:·${ENTRY}"
+»       fi
+done
+#·Browse·each·file·selected·above·as·containing·paths·of·log·files
+#·('/etc/rsyslog.conf'·and·'/etc/rsyslog.d/*.conf'·in·the·default
+configuration)
+for·LOG_FILE·in·"${RSYSLOG_CONFIG_FILES[@]}"
+do
+»       #·From·each·of·these·files·extract·just·particular·log·file·path(s),·thus:
+»       #·*·Ignore·lines·starting·with·space·('·'),·comment·('#"),·or·variable·syntax
+('$')·characters,
+»       #·*·Ignore·empty·lines,
+»       #·*·Strip·quotes·and·closing·brackets·from·paths.
+»       #·*·Ignore·paths·that·match·/dev|/etc.*\.conf,·as·those·are·paths,·but·likely
+not·log·files
+»       #·*·From·the·remaining·valid·rows·select·only·fields·constituting·a·log·file
+path
+»       #·Text·file·column·is·understood·to·represent·a·log·file·path·if·and·only·if
+all·of·the
+»       #·following·are·met:
+»       #·*·it·contains·at·least·one·slash·'/'·character,
+»       #·*·it·is·preceded·by·space
+»       #·*·it·doesn't·contain·space·('·'),·colon·(':'),·and·semicolon·(';')
+characters
+»       #·Search·log·file·for·path(s)·only·in·case·it·exists!
+»       if·[[·-f·"${LOG_FILE}"·]]
+»       then
+»       »       NORMALIZED_CONFIG_FILE_LINES=$(sed·-e·"/^[#|$]/d"·"${LOG_FILE}")
+»       »       LINES_WITH_PATHS=$(grep·'[^/]*\s\+\S*/\S\+$'·<<<·"$
+{NORMALIZED_CONFIG_FILE_LINES}")
+»       »       FILTERED_PATHS=$(awk·'{if(NF>=2&&($NF~/^\//||$NF~/^-\//)){sub(/^-\//,"/
+",$NF);print·$NF}}'·<<<·"${LINES_WITH_PATHS}")
+»       »       CLEANED_PATHS=$(sed·-e·"s/[\"')]//g;·/\\/etc.*\.conf/d;·/\\/dev\\//d"·<<<·"$
+{FILTERED_PATHS}")
+»       »       MATCHED_ITEMS=$(sed·-e·"/^$/d"·<<<·"${CLEANED_PATHS}")
+»       »       #·Since·above·sed·command·might·return·more·than·one·item·(delimited·by
+newline),·split
+»       »       #·the·particular·matches·entries·into·new·array·specific·for·this·log·file
+»       »       readarray·-t·ARRAY_FOR_LOG_FILE·<<<·"$MATCHED_ITEMS"
+»       »       #·Concatenate·the·two·arrays·-·previous·content·of·$LOG_FILE_PATHS·array·with
+»       »       #·items·from·newly·created·array·for·this·log·file
+»       »       LOG_FILE_PATHS+=("${ARRAY_FOR_LOG_FILE[@]}")
+»       »       #·Delete·the·temporary·array
+»       »       unset·ARRAY_FOR_LOG_FILE
+»       fi
+done
+#·Check·for·RainerScript·action·log·format·which·might·be·also·multiline·so
+grep·regex·is·a·bit
+#·curly:
+#·extract·possibly·multiline·action·omfile·expressions
+#·extract·File="logfile"·expression
+#·match·only·"logfile"·expression
+for·LOG_FILE·in·"${RSYSLOG_CONFIG_FILES[@]}"
+do
+»       ACTION_OMFILE_LINES=$(grep·-iozP·"action\s*\(\s*type\s*=\s*\"omfile\"[^\)]*\)"
+"${LOG_FILE}")
+»       OMFILE_LINES=$(echo·"${ACTION_OMFILE_LINES}"|·grep·-iaoP·"\bFile\s*=\s*\"([/[:


Offset 14282, 16 lines modified		Offset 14282, 16 lines modified
00037c90:·6f6e·2048·6973·746f·7279·3c2f·6832·3e3c··on·History</h2><		00037c90:·6f6e·2048·6973·746f·7279·3c2f·6832·3e3c··on·History</h2><
00037ca0:·703e·4375·7272·656e·7420·7665·7273·696f··p>Current·versio		00037ca0:·703e·4375·7272·656e·7420·7665·7273·696f··p>Current·versio
00037cb0:·6e3a·203c·7374·726f·6e67·3e30·2e31·2e37··n:·<strong>0.1.7		00037cb0:·6e3a·203c·7374·726f·6e67·3e30·2e31·2e37··n:·<strong>0.1.7
00037cc0:·343c·2f73·7472·6f6e·673e·3c2f·703e·3c75··4</strong></p><u		00037cc0:·343c·2f73·7472·6f6e·673e·3c2f·703e·3c75··4</strong></p><u
00037cd0:·6c3e·3c6c·693e·3c73·7472·6f6e·673e·6472··l><li><strong>dr		00037cd0:·6c3e·3c6c·693e·3c73·7472·6f6e·673e·6472··l><li><strong>dr
00037ce0:·6166·743c·2f73·7472·6f6e·673e·0a20·2020··aft</strong>.···		00037ce0:·6166·743c·2f73·7472·6f6e·673e·0a20·2020··aft</strong>.···
00037cf0:·2020·2020·2020·2020·2020·2020·2020·2020··················		00037cf0:·2020·2020·2020·2020·2020·2020·2020·2020··················
00037d00:·2028·6173·206f·6620·3230·3236·2d30·312d···(as·of·2026-01-		00037d00:·2028·6173·206f·6620·3230·3234·2d31·322d···(as·of·2024-12-
00037d10:·3038·290a·2020·2020·2020·2020·2020·2020··08).············		00037d10:·3037·290a·2020·2020·2020·2020·2020·2020··07).············
00037d20:·2020·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f······</li></ul></		00037d20:·2020·2020·3c2f·6c69·3e3c·2f75·6c3e·3c2f······</li></ul></
00037d30:·6469·763e·3c68·323e·5461·626c·6520·6f66··div><h2>Table·of		00037d30:·6469·763e·3c68·323e·5461·626c·6520·6f66··div><h2>Table·of
00037d40:·2043·6f6e·7465·6e74·733c·2f68·323e·3c6f···Contents</h2><o		00037d40:·2043·6f6e·7465·6e74·733c·2f68·323e·3c6f···Contents</h2><o
00037d50:·6c3e·3c6c·693e·3c61·2068·7265·663d·2223··l><li><a·href="#		00037d50:·6c3e·3c6c·693e·3c61·2068·7265·663d·2223··l><li><a·href="#
00037d60:·7863·6364·665f·6f72·672e·7373·6770·726f··xccdf_org.ssgpro		00037d60:·7863·6364·665f·6f72·672e·7373·6770·726f··xccdf_org.ssgpro
00037d70:·6a65·6374·2e63·6f6e·7465·6e74·5f67·726f··ject.content_gro		00037d70:·6a65·6374·2e63·6f6e·7465·6e74·5f67·726f··ject.content_gro
00037d80:·7570·5f73·7973·7465·6d22·3e53·7973·7465··up_system">Syste		00037d80:·7570·5f73·7973·7465·6d22·3e53·7973·7465··up_system">Syste
Offset 16680, 168 lines modified		Offset 16680, 168 lines modified
00041270:·7365·2220·6461·7461·2d74·6172·6765·743d··se"·data-target=		00041270:·7365·2220·6461·7461·2d74·6172·6765·743d··se"·data-target=
00041280:·2223·6964·6d36·3836·3622·2074·6162·696e··"#idm6866"·tabin		00041280:·2223·6964·6d36·3836·3622·2074·6162·696e··"#idm6866"·tabin
00041290:·6465·783d·2230·2220·726f·6c65·3d22·6275··dex="0"·role="bu		00041290:·6465·783d·2230·2220·726f·6c65·3d22·6275··dex="0"·role="bu
000412a0:·7474·6f6e·2220·6172·6961·2d65·7870·616e··tton"·aria-expan		000412a0:·7474·6f6e·2220·6172·6961·2d65·7870·616e··tton"·aria-expan
000412b0:·6465·643d·2266·616c·7365·2220·7469·746c··ded="false"·titl		000412b0:·6465·643d·2266·616c·7365·2220·7469·746c··ded="false"·titl
000412c0:·653d·2241·6374·6976·6174·6520·746f·2072··e="Activate·to·r		000412c0:·653d·2241·6374·6976·6174·6520·746f·2072··e="Activate·to·r
000412d0:·6576·6561·6c22·2068·7265·663d·2223·2122··eveal"·href="#!"		000412d0:·6576·6561·6c22·2068·7265·663d·2223·2122··eveal"·href="#!"
000412e0:·3e52·656d·6564·6961·7469·6f6e·2053·6~~865~~··>Remediation·~~She~~		000412e0:·3e52·656d·6564·6961·7469·6f6e·2041·6e73··>Remediation·Ans
		000412f0:·6962·6c65·2073·6e69·7070·6574·20e2·87b2··ible·snippet·...
		00041300:·3c2f·613e·3c62·723e·3c64·6976·2063·6c61··</a><br><div·cla
		00041310:·7373·3d22·7061·6e65·6c2d·636f·6c6c·6170··ss="panel-collap
		00041320:·7365·2063·6f6c·6c61·7073·6522·2069·643d··se·collapse"·id=
		00041330:·2269·646d·3638·3636·223e·3c74·6162·6c65··"idm6866"><table
		00041340:·2063·6c61·7373·3d22·7461·626c·6520·7461···class="table·ta
		00041350:·626c·652d·7374·7269·7065·6420·7461·626c··ble-striped·tabl
		00041360:·652d·626f·7264·6572·6564·2074·6162·6c65··e-bordered·table
		00041370:·2d63·6f6e·6465·6e73·6564·223e·3c74·723e··-condensed"><tr>
		00041380:·3c74·683e·436f·6d70·6c65·7869·7479·3a3c··<th>Complexity:<
		00041390:·2f74·683e·3c74·643e·6c6f·773c·2f74·643e··/th><td>low</td>
		000413a0:·3c2f·7472·3e3c·7472·3e3c·7468·3e44·6973··</tr><tr><th>Dis
		000413b0:·7275·7074·696f·6e3a·3c2f·7468·3e3c·7464··ruption:</th><td
		000413c0:·3e6d·6564·6975·6d3c·2f74·643e·3c2f·7472··>medium</td></tr
		000413d0:·3e3c·7472·3e3c·7468·3e52·6562·6f6f·743a··><tr><th>Reboot:
		000413e0:·3c2f·7468·3e3c·7464·3e74·7275·653c·2f74··</th><td>true</t
		000413f0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S
		00041400:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td
		00041410:·3e64·6973·6162·6c65·3c2f·7464·3e3c·2f74··>disable</td></t
		00041420:·723e·3c2f·7461·626c·653e·3c70·7265·3e3c··r></table><pre><
		00041430:·636f·6465·3e2d·206e·616d·653a·2045·6e73··code>-·name:·Ens
		00041440:·7572·6520·6b65·726e·656c·206d·6f64·756c··ure·kernel·modul
		00041450:·6520·2772·6473·2720·6973·2064·6973·6162··e·'rds'·is·disab
		00041460:·6c65·640a·2020·6c69·6e65·696e·6669·6c65··led.··lineinfile
		00041470:·3a0a·2020·2020·6372·6561·7465·3a20·7472··:.····create:·tr
		00041480:·7565·0a20·2020·2064·6573·743a·202f·6574··ue.····dest:·/et
		00041490:·632f·6d6f·6470·726f·6265·2e64·2f72·6473··c/modprobe.d/rds
		000414a0:·2e63·6f6e·660a·2020·2020·7265·6765·7870··.conf.····regexp
000412f0:·6c6c·2073·6372·6970·7420·e287·b23c·2f61··ll·script·...</a
00041300:·3e3c·6272·3e3c·6469·7620·636c·6173·733d··><br><div·class=
00041310:·2270·616e·656c·2d63·6f6c·6c61·7073·6520··"panel-collapse·
00041320:·636f·6c6c·6170·7365·2220·6964·3d22·6964··collapse"·id="id
00041330:·6d36·3836·3622·3e3c·7461·626c·6520·636c··m6866"><table·cl
00041340:·6173·733d·2274·6162·6c65·2074·6162·6c65··ass="table·table
00041350:·2d73·7472·6970·6564·2074·6162·6c65·2d62··-striped·table-b
00041360:·6f72·6465·7265·6420·7461·626c·652d·636f··ordered·table-co
00041370:·6e64·656e·7365·6422·3e3c·7472·3e3c·7468··ndensed"><tr><th
00041380:·3e43·6f6d·706c·6578·6974·793a·3c2f·7468··>Complexity:</th
00041390:·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c·2f74··><td>low</td></t
000413a0:·723e·3c74·723e·3c74·683e·4469·7372·7570··r><tr><th>Disrup
000413b0:·7469·6f6e·3a3c·2f74·683e·3c74·643e·6d65··tion:</th><td>me
000413c0:·6469·756d·3c2f·7464·3e3c·2f74·723e·3c74··dium</td></tr><t
000413d0:·723e·3c74·683e·5265·626f·6f74·3a3c·2f74··r><th>Reboot:</t
000413e0:·683e·3c74·643e·7472·7565·3c2f·7464·3e3c··h><td>true</td><
000413f0:·2f74·723e·3c74·723e·3c74·683e·5374·7261··/tr><tr><th>Stra
00041400:·7465·6779·3a3c·2f74·683e·3c74·643e·6469··tegy:</th><td>di
00041410:·7361·626c·653c·2f74·643e·3c2f·7472·3e3c··sable</td></tr><
00041420:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod
00041430:·653e·2320·5265·6d65·6469·6174·696f·6e20··e>#·Remediation·
00041440:·6973·2061·7070·6c69·6361·626c·6520·6f6e··is·applicable·on
00041450:·6c79·2069·6e20·6365·7274·6169·6e20·706c··ly·in·certain·pl
00041460:·6174·666f·726d·730a·6966·205b·2021·202d··atforms.if·[·!·-
00041470:·6620·2f2e·646f·636b·6572·656e·7620·5d20··f·/.dockerenv·]·
00041480:·2661·6d70·3b26·616d·703b·205b·2021·202d··&&·[·!·-
00041490:·6620·2f72·756e·2f2e·636f·6e74·6169·6e65··f·/run/.containe
000414a0:·7265·6e76·205d·3b20·7468·656e·0a0a·6966··renv·];·then..if
000414b0:·204c·435f·414c·4c3d·4320·6772·6570·202d···LC_ALL=C·grep·-
000414c0:·7120·2d6d·2031·2022·5e69·6e73·7461·6c6c··q·-m·1·"^install
000414d0:·2072·6473·2220·2f65·7463·2f6d·6f64·7072···rds"·/etc/modpr
000414e0:·6f62·652e·642f·7264·732e·636f·6e66·203b··obe.d/rds.conf·;
000414f0:·2074·6865·6e0a·090a·0973·6564·202d·6920···then....sed·-i·
00041500:·2773·235e·696e·7374·616c·6c20·7264·732e··'s#^install·rds.
00041510:·2a23·696e·7374·616c·6c20·7264·7320·2f62··*#install·rds·/b
00041520:·696e·2f66·616c·7365·2367·2720·2f65·7463··in/false#g'·/etc
00041530:·2f6d·6f64·7072·6f62·652e·642f·7264·732e··/modprobe.d/rds.
00041540:·636f·6e66·0a65·6c73·650a·0965·6368·6f20··conf.else..echo·
00041550:·2d65·2022·5c6e·2320·4469·7361·626c·6520··-e·"\n#·Disable·
00041560:·7065·7220·7365·6375·7269·7479·2072·6571··per·security·req
00041570:·7569·7265·6d65·6e74·7322·2026·6774·3b26··uirements"·>&
00041580:·6774·3b20·2f65·7463·2f6d·6f64·7072·6f62··gt;·/etc/modprob
00041590:·652e·642f·7264·732e·636f·6e66·0a09·6563··e.d/rds.conf..ec
000415a0:·~~686~~f·2022·696e·7374·616c·6c20·7264·7320··ho·"install·rds·		000414b0:·3a20·696e·7374·616c·6c5c·732b·7264·730a··:·install\s+rds.
000415b0:·2f62·696e·2f66·616c·7365·2220·2667·743b··/bin/false"·>
000415c0:·2667·743b·202f·6574·632f·6d6f·6470·726f··>·/etc/modpro
000415d0:·6265·2e64·2f72·6473·2e63·6f6e·660a·6669··be.d/rds.conf.fi
000415e0:·0a0a·6966·2021·204c·435f·414c·4c3d·4320··..if·!·LC_ALL=C·
000415f0:·6772·6570·202d·7120·2d6d·2031·2022·5e62··grep·-q·-m·1·"^b
00041600:·~~6c61~~·~~636b~~·6c69·~~7374~~·~~2072~~·6~~473~~·~~2422~~·~~202f~~··~~lack~~list·rds$~~"·/~~		000414c0:·2020·2020·6c69·6e65·3a20·696e·7374·616c······line:·instal
		000414d0:·6c20·7264·7320·2f62·696e·2f66·616c·7365··l·rds·/bin/false
		000414e0:·0a20·2077·6865·6e3a·2061·6e73·6962·6c65··.··when:·ansible
		000414f0:·5f76·6972·7475·616c·697a·6174·696f·6e5f··_virtualization_
		00041500:·7479·7065·206e·6f74·2069·6e20·5b22·646f··type·not·in·["do
		00041510:·636b·6572·222c·2022·6c78·6322·2c20·226f··cker",·"lxc",·"o
		00041520:·7065·6e76·7a22·2c20·2270·6f64·6d61·6e22··penvz",·"podman"
		00041530:·2c20·2263·6f6e·7461·696e·6572·225d·0a20··,·"container"].·
		00041540:·2074·6167·733a·0a20·202d·204e·4953·542d···tags:.··-·NIST-
		00041550:·3830·302d·3533·2d43·4d2d·3628·6129·0a20··800-53-CM-6(a).·
		00041560:·202d·204e·4953·542d·3830·302d·3533·2d43···-·NIST-800-53-C
		00041570:·4d2d·3728·6129·0a20·202d·204e·4953·542d··M-7(a).··-·NIST-
		00041580:·3830·302d·3533·2d43·4d2d·3728·6229·0a20··800-53-CM-7(b).·
		00041590:·202d·2064·6973·6162·6c65·5f73·7472·6174···-·disable_strat
		000415a0:·6567·790a·2020·2d20·6b65·726e·656c·5f6d··egy.··-·kernel_m
		000415b0:·6f64·756c·655f·7264·735f·6469·7361·626c··odule_rds_disabl
		000415c0:·6564·0a20·202d·206c·6f77·5f63·6f6d·706c··ed.··-·low_compl
		000415d0:·6578·6974·790a·2020·2d20·6c6f·775f·7365··exity.··-·low_se
		000415e0:·7665·7269·7479·0a20·202d·206d·6564·6975··verity.··-·mediu
		000415f0:·6d5f·6469·7372·7570·7469·6f6e·0a20·202d··m_disruption.··-
		00041600:·2072·6562·6f6f·745f·7265·7175·6972·6564···reboot_required
		00041610:·0a0a·2d20·6e61·6d65·3a20·456e·7375·7265··..-·name:·Ensure
		00041620:·206b·6572·6e65·6c20·6d6f·6475·6c65·2027···kernel·module·'
		00041630:·7264·7327·2069·7320·626c·6163·6b6c·6973··rds'·is·blacklis
		00041640:·7465·640a·2020·6c69·6e65·696e·6669·6c65··ted.··lineinfile
Max diff block lines reached; 1645564/1668664 bytes (98.62%) of diff not shown.


Offset 14284, 16 lines modified		Offset 14284, 16 lines modified
00037cb0:·7669·7369·6f6e·2048·6973·746f·7279·3c2f··vision·History</		00037cb0:·7669·7369·6f6e·2048·6973·746f·7279·3c2f··vision·History</
00037cc0:·6832·3e3c·703e·4375·7272·656e·7420·7665··h2><p>Current·ve		00037cc0:·6832·3e3c·703e·4375·7272·656e·7420·7665··h2><p>Current·ve
00037cd0:·7273·696f·6e3a·203c·7374·726f·6e67·3e30··rsion:·<strong>0		00037cd0:·7273·696f·6e3a·203c·7374·726f·6e67·3e30··rsion:·<strong>0
00037ce0:·2e31·2e37·343c·2f73·7472·6f6e·673e·3c2f··.1.74</strong></		00037ce0:·2e31·2e37·343c·2f73·7472·6f6e·673e·3c2f··.1.74</strong></
00037cf0:·703e·3c75·6c3e·3c6c·693e·3c73·7472·6f6e··p><ul><li><stron		00037cf0:·703e·3c75·6c3e·3c6c·693e·3c73·7472·6f6e··p><ul><li><stron
00037d00:·673e·6472·6166·743c·2f73·7472·6f6e·673e··g>draft</strong>		00037d00:·673e·6472·6166·743c·2f73·7472·6f6e·673e··g>draft</strong>
00037d10:·0a20·2020·2020·2020·2020·2020·2020·2020··.···············		00037d10:·0a20·2020·2020·2020·2020·2020·2020·2020··.···············
00037d20:·2020·2020·2028·6173·206f·6620·3230·3236·······(as·of·2026		00037d20:·2020·2020·2028·6173·206f·6620·3230·3234·······(as·of·2024
00037d30:·2d30·312d·3038·290a·2020·2020·2020·2020··-01-08).········		00037d30:·2d31·322d·3037·290a·2020·2020·2020·2020··-12-07).········
00037d40:·2020·2020·2020·2020·3c2f·6c69·3e3c·2f75··········</li></u		00037d40:·2020·2020·2020·2020·3c2f·6c69·3e3c·2f75··········</li></u
00037d50:·6c3e·3c2f·6469·763e·3c68·323e·5461·626c··l></div><h2>Tabl		00037d50:·6c3e·3c2f·6469·763e·3c68·323e·5461·626c··l></div><h2>Tabl
00037d60:·6520·6f66·2043·6f6e·7465·6e74·733c·2f68··e·of·Contents</h		00037d60:·6520·6f66·2043·6f6e·7465·6e74·733c·2f68··e·of·Contents</h
00037d70:·323e·3c6f·6c3e·3c6c·693e·3c61·2068·7265··2><ol><li><a·hre		00037d70:·323e·3c6f·6c3e·3c6c·693e·3c61·2068·7265··2><ol><li><a·hre
00037d80:·663d·2223·7863·6364·665f·6f72·672e·7373··f="#xccdf_org.ss		00037d80:·663d·2223·7863·6364·665f·6f72·672e·7373··f="#xccdf_org.ss
00037d90:·6770·726f·6a65·6374·2e63·6f6e·7465·6e74··gproject.content		00037d90:·6770·726f·6a65·6374·2e63·6f6e·7465·6e74··gproject.content
00037da0:·5f67·726f·7570·5f73·7973·7465·6d22·3e53··_group_system">S		00037da0:·5f67·726f·7570·5f73·7973·7465·6d22·3e53··_group_system">S
Offset 15134, 130 lines modified		Offset 15134, 130 lines modified
0003b1d0:·7267·6574·3d22·2369·646d·3237·3336·2220··rget="#idm2736"·		0003b1d0:·7267·6574·3d22·2369·646d·3237·3336·2220··rget="#idm2736"·
0003b1e0:·7461·6269·6e64·6578·3d22·3022·2072·6f6c··tabindex="0"·rol		0003b1e0:·7461·6269·6e64·6578·3d22·3022·2072·6f6c··tabindex="0"·rol
0003b1f0:·653d·2262·7574·746f·6e22·2061·7269·612d··e="button"·aria-		0003b1f0:·653d·2262·7574·746f·6e22·2061·7269·612d··e="button"·aria-
0003b200:·6578·7061·6e64·6564·3d22·6661·6c73·6522··expanded="false"		0003b200:·6578·7061·6e64·6564·3d22·6661·6c73·6522··expanded="false"
0003b210:·2074·6974·6c65·3d22·4163·7469·7661·7465···title="Activate		0003b210:·2074·6974·6c65·3d22·4163·7469·7661·7465···title="Activate
0003b220:·2074·6f20·7265·7665·616c·2220·6872·6566···to·reveal"·href		0003b220:·2074·6f20·7265·7665·616c·2220·6872·6566···to·reveal"·href
0003b230:·3d22·2321·223e·5265·6d65·6469·6174·696f··="#!">Remediatio		0003b230:·3d22·2321·223e·5265·6d65·6469·6174·696f··="#!">Remediatio
		0003b240:·6e20·4f53·4275·696c·6420·426c·7565·7072··n·OSBuild·Bluepr
		0003b250:·696e·7420·736e·6970·7065·7420·e287·b23c··int·snippet·...<
		0003b260:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
		0003b270:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
		0003b280:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
		0003b290:·6964·6d32·3733·3622·3e3c·7072·653e·3c63··idm2736"><pre><c
		0003b2a0:·6f64·653e·0a5b·5b70·6163·6b61·6765·735d··ode>.[[packages]
		0003b2b0:·5d0a·6e61·6d65·203d·2022·6169·6465·220a··].name·=·"aide".
		0003b2c0:·7665·7273·696f·6e20·3d20·222a·220a·3c2f··version·=·"*".</
		0003b2d0:·636f·6465·3e3c·2f70·7265·3e3c·2f64·6976··code></pre></div
		0003b2e0:·3e3c·6120·636c·6173·733d·2262·746e·2062··><a·class="btn·b
		0003b2f0:·746e·2d73·7563·6365·7373·2220·6461·7461··tn-success"·data
		0003b300:·2d74·6f67·676c·653d·2263·6f6c·6c61·7073··-toggle="collaps
		0003b310:·6522·2064·6174·612d·7461·7267·6574·3d22··e"·data-target="
		0003b320:·2369·646d·3237·3337·2220·7461·6269·6e64··#idm2737"·tabind
		0003b330:·6578·3d22·3022·2072·6f6c·653d·2262·7574··ex="0"·role="but
		0003b340:·746f·6e22·2061·7269·612d·6578·7061·6e64··ton"·aria-expand
		0003b350:·6564·3d22·6661·6c73·6522·2074·6974·6c65··ed="false"·title
		0003b360:·3d22·4163·7469·7661·7465·2074·6f20·7265··="Activate·to·re
		0003b370:·7665·616c·2220·6872·6566·3d22·2321·223e··veal"·href="#!">
		0003b380:·5265·6d65·6469·6174·696f·6e20·416e·7369··Remediation·Ansi
		0003b390:·626c·6520·736e·6970·7065·7420·e287·b23c··ble·snippet·...<
		0003b3a0:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
		0003b3b0:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
		0003b3c0:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
		0003b3d0:·6964·6d32·3733·3722·3e3c·7461·626c·6520··idm2737"><table·
		0003b3e0:·636c·6173·733d·2274·6162·6c65·2074·6162··class="table·tab
		0003b3f0:·6c65·2d73·7472·6970·6564·2074·6162·6c65··le-striped·table
		0003b400:·2d62·6f72·6465·7265·6420·7461·626c·652d··-bordered·table-
		0003b410:·636f·6e64·656e·7365·6422·3e3c·7472·3e3c··condensed"><tr><
		0003b420:·7468·3e43·6f6d·706c·6578·6974·793a·3c2f··th>Complexity:</
		0003b430:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
		0003b440:·2f74·723e·3c74·723e·3c74·683e·4469·7372··/tr><tr><th>Disr
		0003b450:·7570·7469·6f6e·3a3c·2f74·683e·3c74·643e··uption:</th><td>
		0003b460:·6c6f·773c·2f74·643e·3c2f·7472·3e3c·7472··low</td></tr><tr
		0003b470:·3e3c·7468·3e52·6562·6f6f·743a·3c2f·7468··><th>Reboot:</th
		0003b480:·3e3c·7464·3e66·616c·7365·3c2f·7464·3e3c··><td>false</td><
		0003b490:·2f74·723e·3c74·723e·3c74·683e·5374·7261··/tr><tr><th>Stra
		0003b4a0:·7465·6779·3a3c·2f74·683e·3c74·643e·656e··tegy:</th><td>en
		0003b4b0:·6162·6c65·3c2f·7464·3e3c·2f74·723e·3c2f··able</td></tr></
		0003b4c0:·7461·626c·653e·3c70·7265·3e3c·636f·6465··table><pre><code
		0003b4d0:·3e2d·206e·616d·653a·2045·6e73·7572·6520··>-·name:·Ensure·
		0003b4e0:·6169·6465·2069·7320·696e·7374·616c·6c65··aide·is·installe
		0003b4f0:·640a·2020·7061·636b·6167·653a·0a20·2020··d.··package:.···
		0003b500:·206e·616d·653a·2061·6964·650a·2020·2020···name:·aide.····
		0003b510:·7374·6174·653a·2070·7265·7365·6e74·0a20··state:·present.·
		0003b520:·2077·6865·6e3a·2061·6e73·6962·6c65·5f76···when:·ansible_v
		0003b530:·6972·7475·616c·697a·6174·696f·6e5f·7479··irtualization_ty
		0003b540:·7065·206e·6f74·2069·6e20·5b22·646f·636b··pe·not·in·["dock
		0003b550:·6572·222c·2022·6c78·6322·2c20·226f·7065··er",·"lxc",·"ope
		0003b560:·6e76·7a22·2c20·2270·6f64·6d61·6e22·2c20··nvz",·"podman",·
		0003b570:·2263·6f6e·7461·696e·6572·225d·0a20·2074··"container"].··t
		0003b580:·6167·733a·0a20·202d·2043·4a49·532d·352e··ags:.··-·CJIS-5.
		0003b590:·3130·2e31·2e33·0a20·202d·2044·4953·412d··10.1.3.··-·DISA-
		0003b5a0:·5354·4947·2d55·4254·552d·3230·2d30·3130··STIG-UBTU-20-010
		0003b5b0:·3435·300a·2020·2d20·4e49·5354·2d38·3030··450.··-·NIST-800
		0003b5c0:·2d35·332d·434d·2d36·2861·290a·2020·2d20··-53-CM-6(a).··-·
		0003b5d0:·5043·492d·4453·532d·5265·712d·3131·2e35··PCI-DSS-Req-11.5
		0003b5e0:·0a20·202d·2050·4349·2d44·5353·7634·2d31··.··-·PCI-DSSv4-1
		0003b5f0:·312e·352e·320a·2020·2d20·656e·6162·6c65··1.5.2.··-·enable
		0003b600:·5f73·7472·6174·6567·790a·2020·2d20·6c6f··_strategy.··-·lo
		0003b610:·775f·636f·6d70·6c65·7869·7479·0a20·202d··w_complexity.··-
		0003b620:·206c·6f77·5f64·6973·7275·7074·696f·6e0a···low_disruption.
		0003b630:·2020·2d20·6d65·6469·756d·5f73·6576·6572····-·medium_sever
		0003b640:·6974·790a·2020·2d20·6e6f·5f72·6562·6f6f··ity.··-·no_reboo
		0003b650:·745f·6e65·6564·6564·0a20·202d·2070·6163··t_needed.··-·pac
		0003b660:·6b61·6765·5f61·6964·655f·696e·7374·616c··kage_aide_instal
		0003b670:·6c65·640a·3c2f·636f·6465·3e3c·2f70·7265··led.</code></pre
		0003b680:·3e3c·2f64·6976·3e3c·6120·636c·6173·733d··></div><a·class=
		0003b690:·2262·746e·2062·746e·2d73·7563·6365·7373··"btn·btn-success
		0003b6a0:·2220·6461·7461·2d74·6f67·676c·653d·2263··"·data-toggle="c
		0003b6b0:·6f6c·6c61·7073·6522·2064·6174·612d·7461··ollapse"·data-ta
		0003b6c0:·7267·6574·3d22·2369·646d·3237·3338·2220··rget="#idm2738"·
		0003b6d0:·7461·6269·6e64·6578·3d22·3022·2072·6f6c··tabindex="0"·rol
		0003b6e0:·653d·2262·7574·746f·6e22·2061·7269·612d··e="button"·aria-
		0003b6f0:·6578·7061·6e64·6564·3d22·6661·6c73·6522··expanded="false"
		0003b700:·2074·6974·6c65·3d22·4163·7469·7661·7465···title="Activate
		0003b710:·2074·6f20·7265·7665·616c·2220·6872·6566···to·reveal"·href
		0003b720:·3d22·2321·223e·5265·6d65·6469·6174·696f··="#!">Remediatio
0003b240:·6e20·5368·656c·6c20·7363·7269·7074·20e2··n·Shell·script·.		0003b730:·6e20·5368·656c·6c20·7363·7269·7074·20e2··n·Shell·script·.
0003b250:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c		0003b740:·87b2·3c2f·613e·3c62·723e·3c64·6976·2063··..</a><br><div·c
0003b260:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll		0003b750:·6c61·7373·3d22·7061·6e65·6c2d·636f·6c6c··lass="panel-coll
0003b270:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i		0003b760:·6170·7365·2063·6f6c·6c61·7073·6522·2069··apse·collapse"·i
0003b280:·643d·2269·646d·3237·3336·223e·3c74·6162··d="idm2736"><tab		0003b770:·643d·2269·646d·3237·3338·223e·3c74·6162··d="idm2738"><tab
0003b290:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·		0003b780:·6c65·2063·6c61·7373·3d22·7461·626c·6520··le·class="table·
0003b2a0:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta		0003b790:·7461·626c·652d·7374·7269·7065·6420·7461··table-striped·ta
0003b2b0:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab		0003b7a0:·626c·652d·626f·7264·6572·6564·2074·6162··ble-bordered·tab
0003b2c0:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t		0003b7b0:·6c65·2d63·6f6e·6465·6e73·6564·223e·3c74··le-condensed"><t
0003b2d0:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity		0003b7c0:·723e·3c74·683e·436f·6d70·6c65·7869·7479··r><th>Complexity
0003b2e0:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t		0003b7d0:·3a3c·2f74·683e·3c74·643e·6c6f·773c·2f74··:</th><td>low</t
0003b2f0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D		0003b7e0:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e44··d></tr><tr><th>D
0003b300:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><		0003b7f0:·6973·7275·7074·696f·6e3a·3c2f·7468·3e3c··isruption:</th><
0003b310:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>		0003b800:·7464·3e6c·6f77·3c2f·7464·3e3c·2f74·723e··td>low</td></tr>
0003b320:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<		0003b810:·3c74·723e·3c74·683e·5265·626f·6f74·3a3c··<tr><th>Reboot:<
0003b330:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t		0003b820:·2f74·683e·3c74·643e·6661·6c73·653c·2f74··/th><td>false</t
0003b340:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S		0003b830:·643e·3c2f·7472·3e3c·7472·3e3c·7468·3e53··d></tr><tr><th>S
0003b350:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td		0003b840:·7472·6174·6567·793a·3c2f·7468·3e3c·7464··trategy:</th><td
0003b360:·3e65·6e61·626c·653c·2f74·643e·3c2f·7472··>enable</td></tr		0003b850:·3e65·6e61·626c·653c·2f74·643e·3c2f·7472··>enable</td></tr
0003b370:·3e3c·2f74·6162·6c65·3e3c·7072·653e·3c63··></table><pre><c		0003b860:·3e3c·2f74·6162·6c65·3e3c·7072·653e·3c63··></table><pre><c
0003b380:·6f64·653e·2320·5265·6d65·6469·6174·696f··ode>#·Remediatio		0003b870:·6f64·653e·2320·5265·6d65·6469·6174·696f··ode>#·Remediatio
0003b390:·6e20·6973·2061·7070·6c69·6361·626c·6520··n·is·applicable·		0003b880:·6e20·6973·2061·7070·6c69·6361·626c·6520··n·is·applicable·
0003b3a0:·6f6e·6c79·2069·6e20·6365·7274·6169·6e20··only·in·certain·		0003b890:·6f6e·6c79·2069·6e20·6365·7274·6169·6e20··only·in·certain·
0003b3b0:·706c·6174·666f·726d·730a·6966·205b·2021··platforms.if·[·!		0003b8a0:·706c·6174·666f·726d·730a·6966·205b·2021··platforms.if·[·!
Max diff block lines reached; 5778987/5796843 bytes (99.69%) of diff not shown.


Offset 14285, 16 lines modified		Offset 14285, 16 lines modified
00037cc0:·6973·696f·6e20·4869·7374·6f72·793c·2f68··ision·History</h		00037cc0:·6973·696f·6e20·4869·7374·6f72·793c·2f68··ision·History</h
00037cd0:·323e·3c70·3e43·7572·7265·6e74·2076·6572··2><p>Current·ver		00037cd0:·323e·3c70·3e43·7572·7265·6e74·2076·6572··2><p>Current·ver
00037ce0:·7369·6f6e·3a20·3c73·7472·6f6e·673e·302e··sion:·<strong>0.		00037ce0:·7369·6f6e·3a20·3c73·7472·6f6e·673e·302e··sion:·<strong>0.
00037cf0:·312e·3734·3c2f·7374·726f·6e67·3e3c·2f70··1.74</strong></p		00037cf0:·312e·3734·3c2f·7374·726f·6e67·3e3c·2f70··1.74</strong></p
00037d00:·3e3c·756c·3e3c·6c69·3e3c·7374·726f·6e67··><ul><li><strong		00037d00:·3e3c·756c·3e3c·6c69·3e3c·7374·726f·6e67··><ul><li><strong
00037d10:·3e64·7261·6674·3c2f·7374·726f·6e67·3e0a··>draft</strong>.		00037d10:·3e64·7261·6674·3c2f·7374·726f·6e67·3e0a··>draft</strong>.
00037d20:·2020·2020·2020·2020·2020·2020·2020·2020··················		00037d20:·2020·2020·2020·2020·2020·2020·2020·2020··················
00037d30:·2020·2020·2861·7320·6f66·2032·3032·362d······(as·of·2026-		00037d30:·2020·2020·2861·7320·6f66·2032·3032·342d······(as·of·2024-
00037d40:·3031·2d30·3829·0a20·2020·2020·2020·2020··01-08).·········		00037d40:·3132·2d30·3729·0a20·2020·2020·2020·2020··12-07).·········
00037d50:·2020·2020·2020·203c·2f6c·693e·3c2f·756c·········</li></ul		00037d50:·2020·2020·2020·203c·2f6c·693e·3c2f·756c·········</li></ul
00037d60:·3e3c·2f64·6976·3e3c·6832·3e54·6162·6c65··></div><h2>Table		00037d60:·3e3c·2f64·6976·3e3c·6832·3e54·6162·6c65··></div><h2>Table
00037d70:·206f·6620·436f·6e74·656e·7473·3c2f·6832···of·Contents</h2		00037d70:·206f·6620·436f·6e74·656e·7473·3c2f·6832···of·Contents</h2
00037d80:·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872·6566··><ol><li><a·href		00037d80:·3e3c·6f6c·3e3c·6c69·3e3c·6120·6872·6566··><ol><li><a·href
00037d90:·3d22·2378·6363·6466·5f6f·7267·2e73·7367··="#xccdf_org.ssg		00037d90:·3d22·2378·6363·6466·5f6f·7267·2e73·7367··="#xccdf_org.ssg
00037da0:·7072·6f6a·6563·742e·636f·6e74·656e·745f··project.content_		00037da0:·7072·6f6a·6563·742e·636f·6e74·656e·745f··project.content_
00037db0:·6772·6f75·705f·7379·7374·656d·223e·5379··group_system">Sy		00037db0:·6772·6f75·705f·7379·7374·656d·223e·5379··group_system">Sy
Offset 15129, 131 lines modified		Offset 15129, 131 lines modified
0003b180:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe		0003b180:·6170·7365·2220·6461·7461·2d74·6172·6765··apse"·data-targe
0003b190:·743d·2223·6964·6d32·3733·3622·2074·6162··t="#idm2736"·tab		0003b190:·743d·2223·6964·6d32·3733·3622·2074·6162··t="#idm2736"·tab
0003b1a0:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="		0003b1a0:·696e·6465·783d·2230·2220·726f·6c65·3d22··index="0"·role="
0003b1b0:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp		0003b1b0:·6275·7474·6f6e·2220·6172·6961·2d65·7870··button"·aria-exp
0003b1c0:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti		0003b1c0:·616e·6465·643d·2266·616c·7365·2220·7469··anded="false"·ti
0003b1d0:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to		0003b1d0:·746c·653d·2241·6374·6976·6174·6520·746f··tle="Activate·to
0003b1e0:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#		0003b1e0:·2072·6576·6561·6c22·2068·7265·663d·2223···reveal"·href="#
0003b1f0:·2122·3e52·656d·6564·6961·7469·6f6e·2053··!">Remediation·S		0003b1f0:·2122·3e52·656d·6564·6961·7469·6f6e·204f··!">Remediation·O
		0003b200:·5342·7569·6c64·2042·6c75·6570·7269·6e74··SBuild·Blueprint
		0003b210:·2073·6e69·7070·6574·20e2·87b2·3c2f·613e···snippet·...</a>
		0003b220:·3c62·723e·3c64·6976·2063·6c61·7373·3d22··<br><div·class="
		0003b230:·7061·6e65·6c2d·636f·6c6c·6170·7365·2063··panel-collapse·c
		0003b240:·6f6c·6c61·7073·6522·2069·643d·2269·646d··ollapse"·id="idm
0003b200:·6865·6c6c·2073·6372·6970·7420·e287·b23c··hell·script·...<
0003b210:·2f61·3e3c·6272·3e3c·6469·7620·636c·6173··/a><br><div·clas
0003b220:·733d·2270·616e·656c·2d63·6f6c·6c61·7073··s="panel-collaps
0003b230:·6520·636f·6c6c·6170·7365·2220·6964·3d22··e·collapse"·id="
0003b240:·6964·6d32·3733·3622·3e3c·7461·626c·6520··idm2736"><table·
0003b250:·636c·6173·733d·2274·6162·6c65·2074·6162··class="table·tab
0003b260:·6c65·2d73·7472·6970·6564·2074·6162·6c65··le-striped·table
0003b270:·2d62·6f72·6465·7265·6420·7461·626c·652d··-bordered·table-
0003b280:·636f·6e64·656e·7365·6422·3e3c·7472·3e3c··condensed"><tr><
0003b290:·7468·3e43·6f6d·706c·6578·6974·793a·3c2f··th>Complexity:</
0003b2a0:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003b2b0:·2f74·723e·3c74·723e·3c74·683e·4469·7372··/tr><tr><th>Disr
0003b2c0:·7570·7469·6f6e·3a3c·2f74·683e·3c74·643e··uption:</th><td>
0003b2d0:·6c6f·773c·2f74·643e·3c2f·7472·3e3c·7472··low</td></tr><tr
0003b2e0:·3e3c·7468·3e52·6562·6f6f·743a·3c2f·7468··><th>Reboot:</th
0003b2f0:·3e3c·7464·3e66·616c·7365·3c2f·7464·3e3c··><td>false</td><
0003b300:·2f74·723e·3c74·723e·3c74·683e·5374·7261··/tr><tr><th>Stra
0003b310:·7465·6779·3a3c·2f74·683e·3c74·643e·656e··tegy:</th><td>en
0003b320:·6162·6c65·3c2f·7464·3e3c·2f74·723e·3c2f··able</td></tr></
0003b330:·~~7461~~·~~626c~~·653e·3c70·7265·3e3c·636f·6465··~~table~~><pre><code		0003b250:·3237·3336·223e·3c70·7265·3e3c·636f·6465··2736"><pre><code
		0003b260:·3e0a·5b5b·7061·636b·6167·6573·5d5d·0a6e··>.[[packages]].n
		0003b270:·616d·6520·3d20·2261·6964·6522·0a76·6572··ame·=·"aide".ver
		0003b280:·7369·6f6e·203d·2022·2a22·0a3c·2f63·6f64··sion·=·"*".</cod
0003b340:·3e23·2052·656d·6564·6961·7469·6f6e·2069··>#·Remediation·i
0003b350:·7320·6170·706c·6963·6162·6c65·206f·6e6c··s·applicable·onl
0003b360:·7920·696e·2063·6572·7461·696e·2070·6c61··y·in·certain·pla
0003b370:·7466·6f72·6d73·0a69·6620·5b20·2120·2d66··tforms.if·[·!·-f
0003b380:·202f·2e64·6f63·6b65·7265·6e76·205d·2026···/.dockerenv·]·&
0003b390:·616d·703b·2661·6d70·3b20·5b20·2120·2d66··amp;&·[·!·-f
0003b3a0:·202f·7275·6e2f·2e63·6f6e·7461·696e·6572···/run/.container
0003b3b0:·656e·7620·5d3b·2074·6865·6e0a·0a44·4542··env·];·then..DEB
0003b3c0:·4941·4e5f·4652·4f4e·5445·4e44·3d6e·6f6e··IAN_FRONTEND=non
0003b3d0:·696e·7465·7261·6374·6976·6520·6170·742d··interactive·apt-
0003b3e0:·6765·7420·696e·7374·616c·6c20·2d79·2022··get·install·-y·"
0003b3f0:·6169·6465·220a·0a65·6c73·650a·2020·2020··aide"..else.····
0003b400:·2667·743b·2661·6d70·3b32·2065·6368·6f20··>&2·echo·
0003b410:·2752·656d·6564·6961·7469·6f6e·2069·7320··'Remediation·is·
0003b420:·6e6f·7420·6170·706c·6963·6162·6c65·2c20··not·applicable,·
0003b430:·6e6f·7468·696e·6720·7761·7320·646f·6e65··nothing·was·done
0003b440:·270a·6669·0a3c·2f63·6f64·653e·3c2f·7072··'.fi.</code></pr
0003b450:·653e·3c2f·6469·763e·3c61·2063·6c61·7373··e></div><a·class
0003b460:·3d22·6274·6e20·6274·6e2d·7375·6363·6573··="btn·btn-succes
0003b470:·7322·2064·6174·612d·746f·6767·6c65·3d22··s"·data-toggle="
0003b480:·636f·6c6c·6170·7365·2220·6461·7461·2d74··collapse"·data-t
0003b490:·6172·6765·743d·2223·6964·6d32·3733·3722··arget="#idm2737"
0003b4a0:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro
0003b4b0:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria
0003b4c0:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false
0003b4d0:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat
0003b4e0:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre
0003b4f0:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati
0003b500:·6f6e·2041·6e73·6962·6c65·2073·6e69·7070··on·Ansible·snipp
0003b510:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d
0003b520:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
0003b530:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
0003b540:·6522·2069·643d·2269·646d·3237·3337·223e··e"·id="idm2737">
0003b550:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta
0003b560:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe
0003b570:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered
0003b580:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed
0003b590:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple
0003b5a0:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo
0003b5b0:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><
0003b5c0:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</
0003b5d0:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003b5e0:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo
0003b5f0:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals
0003b600:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><
0003b610:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th
0003b620:·3e3c·7464·3e65·6e61·626c·653c·2f74·643e··><td>enable</td>
0003b630:·3c2f·7472·3e3c·2f74·6162·6c65·3e3c·7072··</tr></table><pr
0003b640:·653e·3c63·6f64·653e·2d20·6e61·6d65·3a20··e><code>-·name:·
0003b650:·456e·7375·7265·2061·6964·6520·6973·2069··Ensure·aide·is·i
0003b660:·6e73·7461·6c6c·6564·0a20·2070·6163·6b61··nstalled.··packa
0003b670:·6765·3a0a·2020·2020·6e61·6d65·3a20·6169··ge:.····name:·ai
0003b680:·6465·0a20·2020·2073·7461·7465·3a20·7072··de.····state:·pr
0003b690:·6573·656e·740a·2020·7768·656e·3a20·616e··esent.··when:·an
0003b6a0:·7369·626c·655f·7669·7274·7561·6c69·7a61··sible_virtualiza
0003b6b0:·7469·6f6e·5f74·7970·6520·6e6f·7420·696e··tion_type·not·in
0003b6c0:·205b·2264·6f63·6b65·7222·2c20·226c·7863···["docker",·"lxc
0003b6d0:·222c·2022·6f70·656e·767a·222c·2022·706f··",·"openvz",·"po
0003b6e0:·646d·616e·222c·2022·636f·6e74·6169·6e65··dman",·"containe
0003b6f0:·7222·5d0a·2020·7461·6773·3a0a·2020·2d20··r"].··tags:.··-·
0003b700:·434a·4953·2d35·2e31·302e·312e·330a·2020··CJIS-5.10.1.3.··
0003b710:·2d20·4449·5341·2d53·5449·472d·5542·5455··-·DISA-STIG-UBTU
0003b720:·2d32·302d·3031·3034·3530·0a20·202d·204e··-20-010450.··-·N
0003b730:·4953·542d·3830·302d·3533·2d43·4d2d·3628··IST-800-53-CM-6(
0003b740:·6129·0a20·202d·2050·4349·2d44·5353·2d52··a).··-·PCI-DSS-R
0003b750:·6571·2d31·312e·350a·2020·2d20·5043·492d··eq-11.5.··-·PCI-
0003b760:·4453·5376·342d·3131·2e35·2e32·0a20·202d··DSSv4-11.5.2.··-
0003b770:·2065·6e61·626c·655f·7374·7261·7465·6779···enable_strategy
0003b780:·0a20·202d·206c·6f77·5f63·6f6d·706c·6578··.··-·low_complex
0003b790:·6974·790a·2020·2d20·6c6f·775f·6469·7372··ity.··-·low_disr
0003b7a0:·7570·7469·6f6e·0a20·202d·206d·6564·6975··uption.··-·mediu
0003b7b0:·6d5f·7365·7665·7269·7479·0a20·202d·206e··m_severity.··-·n
0003b7c0:·6f5f·7265·626f·6f74·5f6e·6565·6465·640a··o_reboot_needed.
0003b7d0:·2020·2d20·7061·636b·6167·655f·6169·6465····-·package_aide
Max diff block lines reached; 5624843/5642837 bytes (99.68%) of diff not shown.


Offset 14298, 15 lines modified		Offset 14298, 15 lines modified
00037d90:·7374·6f72·793c·2f68·323e·3c70·3e43·7572··story</h2><p>Cur		00037d90:·7374·6f72·793c·2f68·323e·3c70·3e43·7572··story</h2><p>Cur
00037da0:·7265·6e74·2076·6572·7369·6f6e·3a20·3c73··rent·version:·<s		00037da0:·7265·6e74·2076·6572·7369·6f6e·3a20·3c73··rent·version:·<s
00037db0:·7472·6f6e·673e·302e·312e·3734·3c2f·7374··trong>0.1.74</st		00037db0:·7472·6f6e·673e·302e·312e·3734·3c2f·7374··trong>0.1.74</st
00037dc0:·726f·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69··rong></p><ul><li		00037dc0:·726f·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69··rong></p><ul><li
00037dd0:·3e3c·7374·726f·6e67·3e64·7261·6674·3c2f··><strong>draft</		00037dd0:·3e3c·7374·726f·6e67·3e64·7261·6674·3c2f··><strong>draft</
00037de0:·7374·726f·6e67·3e0a·2020·2020·2020·2020··strong>.········		00037de0:·7374·726f·6e67·3e0a·2020·2020·2020·2020··strong>.········
00037df0:·2020·2020·2020·2020·2020·2020·2861·7320··············(as·		00037df0:·2020·2020·2020·2020·2020·2020·2861·7320··············(as·
00037e00:·6f66·2032·3032·362d·3031·2d30·3829·0a20··of·2026-01-08).·		00037e00:·6f66·2032·3032·342d·3132·2d30·3729·0a20··of·2024-12-07).·
00037e10:·2020·2020·2020·2020·2020·2020·2020·203c·················<		00037e10:·2020·2020·2020·2020·2020·2020·2020·203c·················<
00037e20:·2f6c·693e·3c2f·756c·3e3c·2f64·6976·3e3c··/li></ul></div><		00037e20:·2f6c·693e·3c2f·756c·3e3c·2f64·6976·3e3c··/li></ul></div><
00037e30:·6832·3e54·6162·6c65·206f·6620·436f·6e74··h2>Table·of·Cont		00037e30:·6832·3e54·6162·6c65·206f·6620·436f·6e74··h2>Table·of·Cont
00037e40:·656e·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69··ents</h2><ol><li		00037e40:·656e·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69··ents</h2><ol><li
00037e50:·3e3c·6120·6872·6566·3d22·2378·6363·6466··><a·href="#xccdf		00037e50:·3e3c·6120·6872·6566·3d22·2378·6363·6466··><a·href="#xccdf
00037e60:·5f6f·7267·2e73·7367·7072·6f6a·6563·742e··_org.ssgproject.		00037e60:·5f6f·7267·2e73·7367·7072·6f6a·6563·742e··_org.ssgproject.
00037e70:·636f·6e74·656e·745f·6772·6f75·705f·7379··content_group_sy		00037e70:·636f·6e74·656e·745f·6772·6f75·705f·7379··content_group_sy
Offset 15111, 130 lines modified		Offset 15111, 130 lines modified
0003b060:·612d·7461·7267·6574·3d22·2369·646d·3237··a-target="#idm27		0003b060:·612d·7461·7267·6574·3d22·2369·646d·3237··a-target="#idm27
0003b070:·3336·2220·7461·6269·6e64·6578·3d22·3022··36"·tabindex="0"		0003b070:·3336·2220·7461·6269·6e64·6578·3d22·3022··36"·tabindex="0"
0003b080:·2072·6f6c·653d·2262·7574·746f·6e22·2061···role="button"·a		0003b080:·2072·6f6c·653d·2262·7574·746f·6e22·2061···role="button"·a
0003b090:·7269·612d·6578·7061·6e64·6564·3d22·6661··ria-expanded="fa		0003b090:·7269·612d·6578·7061·6e64·6564·3d22·6661··ria-expanded="fa
0003b0a0:·6c73·6522·2074·6974·6c65·3d22·4163·7469··lse"·title="Acti		0003b0a0:·6c73·6522·2074·6974·6c65·3d22·4163·7469··lse"·title="Acti
0003b0b0:·7661·7465·2074·6f20·7265·7665·616c·2220··vate·to·reveal"·		0003b0b0:·7661·7465·2074·6f20·7265·7665·616c·2220··vate·to·reveal"·
0003b0c0:·6872·6566·3d22·2321·223e·5265·6d65·6469··href="#!">Remedi		0003b0c0:·6872·6566·3d22·2321·223e·5265·6d65·6469··href="#!">Remedi
		0003b0d0:·6174·696f·6e20·4f53·4275·696c·6420·426c··ation·OSBuild·Bl
		0003b0e0:·7565·7072·696e·7420·736e·6970·7065·7420··ueprint·snippet·
		0003b0f0:·e287·b23c·2f61·3e3c·6272·3e3c·6469·7620··...</a><br><div·
		0003b100:·636c·6173·733d·2270·616e·656c·2d63·6f6c··class="panel-col
		0003b110:·6c61·7073·6520·636f·6c6c·6170·7365·2220··lapse·collapse"·
		0003b120:·6964·3d22·6964·6d32·3733·3622·3e3c·7072··id="idm2736"><pr
		0003b130:·653e·3c63·6f64·653e·0a5b·5b70·6163·6b61··e><code>.[[packa
		0003b140:·6765·735d·5d0a·6e61·6d65·203d·2022·6169··ges]].name·=·"ai
		0003b150:·6465·220a·7665·7273·696f·6e20·3d20·222a··de".version·=·"*
		0003b160:·220a·3c2f·636f·6465·3e3c·2f70·7265·3e3c··".</code></pre><
		0003b170:·2f64·6976·3e3c·6120·636c·6173·733d·2262··/div><a·class="b
		0003b180:·746e·2062·746e·2d73·7563·6365·7373·2220··tn·btn-success"·
		0003b190:·6461·7461·2d74·6f67·676c·653d·2263·6f6c··data-toggle="col
		0003b1a0:·6c61·7073·6522·2064·6174·612d·7461·7267··lapse"·data-targ
		0003b1b0:·6574·3d22·2369·646d·3237·3337·2220·7461··et="#idm2737"·ta
		0003b1c0:·6269·6e64·6578·3d22·3022·2072·6f6c·653d··bindex="0"·role=
		0003b1d0:·2262·7574·746f·6e22·2061·7269·612d·6578··"button"·aria-ex
		0003b1e0:·7061·6e64·6564·3d22·6661·6c73·6522·2074··panded="false"·t
		0003b1f0:·6974·6c65·3d22·4163·7469·7661·7465·2074··itle="Activate·t
		0003b200:·6f20·7265·7665·616c·2220·6872·6566·3d22··o·reveal"·href="
		0003b210:·2321·223e·5265·6d65·6469·6174·696f·6e20··#!">Remediation·
		0003b220:·416e·7369·626c·6520·736e·6970·7065·7420··Ansible·snippet·
		0003b230:·e287·b23c·2f61·3e3c·6272·3e3c·6469·7620··...</a><br><div·
		0003b240:·636c·6173·733d·2270·616e·656c·2d63·6f6c··class="panel-col
		0003b250:·6c61·7073·6520·636f·6c6c·6170·7365·2220··lapse·collapse"·
		0003b260:·6964·3d22·6964·6d32·3733·3722·3e3c·7461··id="idm2737"><ta
		0003b270:·626c·6520·636c·6173·733d·2274·6162·6c65··ble·class="table
		0003b280:·2074·6162·6c65·2d73·7472·6970·6564·2074···table-striped·t
		0003b290:·6162·6c65·2d62·6f72·6465·7265·6420·7461··able-bordered·ta
		0003b2a0:·626c·652d·636f·6e64·656e·7365·6422·3e3c··ble-condensed"><
		0003b2b0:·7472·3e3c·7468·3e43·6f6d·706c·6578·6974··tr><th>Complexit
		0003b2c0:·793a·3c2f·7468·3e3c·7464·3e6c·6f77·3c2f··y:</th><td>low</
		0003b2d0:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
		0003b2e0:·4469·7372·7570·7469·6f6e·3a3c·2f74·683e··Disruption:</th>
		0003b2f0:·3c74·643e·6c6f·773c·2f74·643e·3c2f·7472··<td>low</td></tr
		0003b300:·3e3c·7472·3e3c·7468·3e52·6562·6f6f·743a··><tr><th>Reboot:
		0003b310:·3c2f·7468·3e3c·7464·3e66·616c·7365·3c2f··</th><td>false</
		0003b320:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
		0003b330:·5374·7261·7465·6779·3a3c·2f74·683e·3c74··Strategy:</th><t
		0003b340:·643e·656e·6162·6c65·3c2f·7464·3e3c·2f74··d>enable</td></t
		0003b350:·723e·3c2f·7461·626c·653e·3c70·7265·3e3c··r></table><pre><
		0003b360:·636f·6465·3e2d·206e·616d·653a·2045·6e73··code>-·name:·Ens
		0003b370:·7572·6520·6169·6465·2069·7320·696e·7374··ure·aide·is·inst
		0003b380:·616c·6c65·640a·2020·7061·636b·6167·653a··alled.··package:
		0003b390:·0a20·2020·206e·616d·653a·2061·6964·650a··.····name:·aide.
		0003b3a0:·2020·2020·7374·6174·653a·2070·7265·7365······state:·prese
		0003b3b0:·6e74·0a20·2077·6865·6e3a·2061·6e73·6962··nt.··when:·ansib
		0003b3c0:·6c65·5f76·6972·7475·616c·697a·6174·696f··le_virtualizatio
		0003b3d0:·6e5f·7479·7065·206e·6f74·2069·6e20·5b22··n_type·not·in·["
		0003b3e0:·646f·636b·6572·222c·2022·6c78·6322·2c20··docker",·"lxc",·
		0003b3f0:·226f·7065·6e76·7a22·2c20·2270·6f64·6d61··"openvz",·"podma
		0003b400:·6e22·2c20·2263·6f6e·7461·696e·6572·225d··n",·"container"]
		0003b410:·0a20·2074·6167·733a·0a20·202d·2043·4a49··.··tags:.··-·CJI
		0003b420:·532d·352e·3130·2e31·2e33·0a20·202d·2044··S-5.10.1.3.··-·D
		0003b430:·4953·412d·5354·4947·2d55·4254·552d·3230··ISA-STIG-UBTU-20
		0003b440:·2d30·3130·3435·300a·2020·2d20·4e49·5354··-010450.··-·NIST
		0003b450:·2d38·3030·2d35·332d·434d·2d36·2861·290a··-800-53-CM-6(a).
		0003b460:·2020·2d20·5043·492d·4453·532d·5265·712d····-·PCI-DSS-Req-
		0003b470:·3131·2e35·0a20·202d·2050·4349·2d44·5353··11.5.··-·PCI-DSS
		0003b480:·7634·2d31·312e·352e·320a·2020·2d20·656e··v4-11.5.2.··-·en
		0003b490:·6162·6c65·5f73·7472·6174·6567·790a·2020··able_strategy.··
		0003b4a0:·2d20·6c6f·775f·636f·6d70·6c65·7869·7479··-·low_complexity
		0003b4b0:·0a20·202d·206c·6f77·5f64·6973·7275·7074··.··-·low_disrupt
		0003b4c0:·696f·6e0a·2020·2d20·6d65·6469·756d·5f73··ion.··-·medium_s
		0003b4d0:·6576·6572·6974·790a·2020·2d20·6e6f·5f72··everity.··-·no_r
		0003b4e0:·6562·6f6f·745f·6e65·6564·6564·0a20·202d··eboot_needed.··-
		0003b4f0:·2070·6163·6b61·6765·5f61·6964·655f·696e···package_aide_in
		0003b500:·7374·616c·6c65·640a·3c2f·636f·6465·3e3c··stalled.</code><
		0003b510:·2f70·7265·3e3c·2f64·6976·3e3c·6120·636c··/pre></div><a·cl
		0003b520:·6173·733d·2262·746e·2062·746e·2d73·7563··ass="btn·btn-suc
		0003b530:·6365·7373·2220·6461·7461·2d74·6f67·676c··cess"·data-toggl
		0003b540:·653d·2263·6f6c·6c61·7073·6522·2064·6174··e="collapse"·dat
		0003b550:·612d·7461·7267·6574·3d22·2369·646d·3237··a-target="#idm27
		0003b560:·3338·2220·7461·6269·6e64·6578·3d22·3022··38"·tabindex="0"
		0003b570:·2072·6f6c·653d·2262·7574·746f·6e22·2061···role="button"·a
		0003b580:·7269·612d·6578·7061·6e64·6564·3d22·6661··ria-expanded="fa
		0003b590:·6c73·6522·2074·6974·6c65·3d22·4163·7469··lse"·title="Acti
		0003b5a0:·7661·7465·2074·6f20·7265·7665·616c·2220··vate·to·reveal"·
		0003b5b0:·6872·6566·3d22·2321·223e·5265·6d65·6469··href="#!">Remedi
0003b0d0:·6174·696f·6e20·5368·656c·6c20·7363·7269··ation·Shell·scri		0003b5c0:·6174·696f·6e20·5368·656c·6c20·7363·7269··ation·Shell·scri
0003b0e0:·7074·20e2·87b2·3c2f·613e·3c62·723e·3c64··pt·...</a><br><d		0003b5d0:·7074·20e2·87b2·3c2f·613e·3c62·723e·3c64··pt·...</a><br><d
0003b0f0:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-		0003b5e0:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
0003b100:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps		0003b5f0:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
0003b110:·6522·2069·643d·2269·646d·3237·3336·223e··e"·id="idm2736">		0003b600:·6522·2069·643d·2269·646d·3237·3338·223e··e"·id="idm2738">
0003b120:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta		0003b610:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta
0003b130:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe		0003b620:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe
0003b140:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered		0003b630:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered
0003b150:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed		0003b640:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed
0003b160:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple		0003b650:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple
0003b170:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo		0003b660:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo
0003b180:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><		0003b670:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><
0003b190:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</		0003b680:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</
0003b1a0:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><		0003b690:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003b1b0:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo		0003b6a0:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo
0003b1c0:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals		0003b6b0:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals
0003b1d0:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><		0003b6c0:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><
0003b1e0:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th		0003b6d0:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th
0003b1f0:·3e3c·7464·3e65·6e61·626c·653c·2f74·643e··><td>enable</td>		0003b6e0:·3e3c·7464·3e65·6e61·626c·653c·2f74·643e··><td>enable</td>
0003b200:·3c2f·7472·3e3c·2f74·6162·6c65·3e3c·7072··</tr></table><pr		0003b6f0:·3c2f·7472·3e3c·2f74·6162·6c65·3e3c·7072··</tr></table><pr
0003b210:·653e·3c63·6f64·653e·2320·5265·6d65·6469··e><code>#·Remedi		0003b700:·653e·3c63·6f64·653e·2320·5265·6d65·6469··e><code>#·Remedi
0003b220:·6174·696f·6e20·6973·2061·7070·6c69·6361··ation·is·applica		0003b710:·6174·696f·6e20·6973·2061·7070·6c69·6361··ation·is·applica
0003b230:·626c·6520·6f6e·6c79·2069·6e20·6365·7274··ble·only·in·cert		0003b720:·626c·6520·6f6e·6c79·2069·6e20·6365·7274··ble·only·in·cert
0003b240:·6169·6e20·706c·6174·666f·726d·730a·6966··ain·platforms.if		0003b730:·6169·6e20·706c·6174·666f·726d·730a·6966··ain·platforms.if
0003b250:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker		0003b740:·205b·2021·202d·6620·2f2e·646f·636b·6572···[·!·-f·/.docker
Max diff block lines reached; 17020122/17037840 bytes (99.90%) of diff not shown.


Offset 41, 15 lines modified		Offset 41, 15 lines modified
41	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Canonical·Ubuntu·20.04·LTS·Security·Technical·Implementation	41	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·T\x8Ti\x8it\x8tl\x8le\x8e·Canonical·Ubuntu·20.04·LTS·Security·Technical·Implementation
42	··············Guide·(STIG)·V1R11	42	··············Guide·(STIG)·V1R11
43	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_stig	43	P\x8Pr\x8ro\x8of\x8fi\x8il\x8le\x8e·I\x8ID\x8D····xccdf_org.ssgproject.content_profile_stig
44	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8	44	\x8\x8\x8·C\x8CP\x8PE\x8E·P\x8Pl\x8la\x8at\x8tf\x8fo\x8or\x8rm\x8ms\x8s·\x8\x8\x8
45	····*·cpe:/o:canonical:ubuntu_linux:20.04::~~lts~~~	45	····*·cpe:/o:canonical:ubuntu_linux:20.04::~~lts~~~
46	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8	46	\x8\x8\x8\x8\x8·R\x8Re\x8ev\x8vi\x8is\x8si\x8io\x8on\x8n·H\x8Hi\x8is\x8st\x8to\x8or\x8ry\x8y·\x8\x8\x8\x8\x8
47	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84	47	Current·version:·0\x80.\x8.1\x81.\x8.7\x874\x84
48	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2026-01-08)	48	····*·d\x8dr\x8ra\x8af\x8ft\x8t·(as·of·2024-12-07)
49	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8	49	\x8\x8\x8\x8\x8·T\x8Ta\x8ab\x8bl\x8le\x8e·o\x8of\x8f·C\x8Co\x8on\x8nt\x8te\x8en\x8nt\x8ts\x8s·\x8\x8\x8\x8\x8
50	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s	50	···1.·_\x8S_\x8y_\x8s_\x8t_\x8e_\x8m_\x8·_\x8S_\x8e_\x8t_\x8t_\x8i_\x8n_\x8g_\x8s
51	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e	51	·········1.·_\x8I_\x8n_\x8s_\x8t_\x8a_\x8l_\x8l_\x8i_\x8n_\x8g_\x8·_\x8a_\x8n_\x8d_\x8·_\x8M_\x8a_\x8i_\x8n_\x8t_\x8a_\x8i_\x8n_\x8i_\x8n_\x8g_\x8·_\x8S_\x8o_\x8f_\x8t_\x8w_\x8a_\x8r_\x8e
52	·········2.·_\x8A_\x8c_\x8c_\x8o_\x8u_\x8n_\x8t_\x8·_\x8a_\x8n_\x8d_\x8·_\x8A_\x8c_\x8c_\x8e_\x8s_\x8s_\x8·_\x8C_\x8o_\x8n_\x8t_\x8r_\x8o_\x8l	52	·········2.·_\x8A_\x8c_\x8c_\x8o_\x8u_\x8n_\x8t_\x8·_\x8a_\x8n_\x8d_\x8·_\x8A_\x8c_\x8c_\x8e_\x8s_\x8s_\x8·_\x8C_\x8o_\x8n_\x8t_\x8r_\x8o_\x8l
53	·········3.·_\x8A_\x8p_\x8p_\x8A_\x8r_\x8m_\x8o_\x8r	53	·········3.·_\x8A_\x8p_\x8p_\x8A_\x8r_\x8m_\x8o_\x8r
54	·········4.·_\x8G_\x8R_\x8U_\x8B_\x82_\x8·_\x8b_\x8o_\x8o_\x8t_\x8l_\x8o_\x8a_\x8d_\x8e_\x8r_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n	54	·········4.·_\x8G_\x8R_\x8U_\x8B_\x82_\x8·_\x8b_\x8o_\x8o_\x8t_\x8l_\x8o_\x8a_\x8d_\x8e_\x8r_\x8·_\x8c_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8a_\x8t_\x8i_\x8o_\x8n
55	·········5.·_\x8C_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8e_\x8·_\x8S_\x8y_\x8s_\x8l_\x8o_\x8g	55	·········5.·_\x8C_\x8o_\x8n_\x8f_\x8i_\x8g_\x8u_\x8r_\x8e_\x8·_\x8S_\x8y_\x8s_\x8l_\x8o_\x8g
Offset 126, 27 lines modified		Offset 126, 19 lines modified
126	include·install_aide	126	include·install_aide

127	class·install_aide·{	127	class·install_aide·{
128	··package·{·'aide':	128	··package·{·'aide':
129	····ensure·=>·'installed',	129	····ensure·=>·'installed',
130	··}	130	··}
131	}	131	}
		132	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8O_\x8S_\x8B_\x8u_\x8i_\x8l_\x8d_\x8·_\x8B_\x8l_\x8u_\x8e_\x8p_\x8r_\x8i_\x8n_\x8t_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
132	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
133	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
134	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
135	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
136	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···enable
137	#·Remediation·is·applicable·only·in·certain·platforms
138	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

139	DEBIAN_FRONTEND=noninteractive·apt-get·install·-y·"aide"

140	else
141	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
142	fi	133	[[packages]]
		134	name·=·"aide"
		135	version·=·"*"
143	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	136	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
144	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	137	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
145	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	138	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
146	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	139	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
147	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···enable	140	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···enable
148	-·name:·Ensure·aide·is·installed	141	-·name:·Ensure·aide·is·installed
149	··package:	142	··package:
Offset 161, 19 lines modified		Offset 153, 27 lines modified
161	··-·PCI-DSSv4-11.5.2	153	··-·PCI-DSSv4-11.5.2
162	··-·enable_strategy	154	··-·enable_strategy
163	··-·low_complexity	155	··-·low_complexity
164	··-·low_disruption	156	··-·low_disruption
165	··-·medium_severity	157	··-·medium_severity
166	··-·no_reboot_needed	158	··-·no_reboot_needed
167	··-·package_aide_installed	159	··-·package_aide_installed
168	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8~~O_.~~S~~_.B~~_.u_.i_.l~~_.d_.·_.B~~_.l~~_.u_.e_.p_.r_.i_.n_.t~~_.·_.s_.n_.i_.p_.p~~_.e~~_\x8t_\x8·_\x8⇲	160	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_.h_.e_.l_.l_.·_.s_.c_.r_.i_.p_\x8t_\x8·_\x8⇲
		161	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
		162	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
		163	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
		164	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···enable
		165	#·Remediation·is·applicable·only·in·certain·platforms
		166	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

169	[[packages]]
170	name·=·"aide"
171	version·=·"*"	167	DEBIAN_FRONTEND=noninteractive·apt-get·install·-y·"aide"

		168	else
		169	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
		170	fi
172	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·B\x8Bu\x8ui\x8il\x8ld\x8d·a\x8an\x8nd\x8d·T\x8Te\x8es\x8st\x8t·A\x8AI\x8ID\x8DE\x8E·D\x8Da\x8at\x8ta\x8ab\x8ba\x8as\x8se\x8e·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8	171	\x8\x8\x8·R\x8Ru\x8ul\x8le\x8e?\x8 ?\x8 ·B\x8Bu\x8ui\x8il\x8ld\x8d·a\x8an\x8nd\x8d·T\x8Te\x8es\x8st\x8t·A\x8AI\x8ID\x8DE\x8E·D\x8Da\x8at\x8ta\x8ab\x8ba\x8as\x8se\x8e·?\x8 ?\x8 _\x8[\x8[_\x8r\x8r_\x8e\x8e_\x8f\x8f_\x8]\x8]·\x8\x8\x8
173	Run·the·following·command·to·generate·a·new·database:	172	Run·the·following·command·to·generate·a·new·database:
174	$·sudo·aideinit	173	$·sudo·aideinit
175	By·default,·the·database·will·be·written·to·the·file·/var/lib/aide/aide.db.new.·Storing·the·database,·the	174	By·default,·the·database·will·be·written·to·the·file·/var/lib/aide/aide.db.new.·Storing·the·database,·the
176	configuration·file·/etc/aide.conf,·and·the·binary·/usr/bin/aide.wrapper·(or·hashes·of·these·files),·in·a	175	configuration·file·/etc/aide.conf,·and·the·binary·/usr/bin/aide.wrapper·(or·hashes·of·these·files),·in·a
177	secure·location·(such·as·on·read-only·media)·provides·additional·assurance·about·their·integrity.·The	176	secure·location·(such·as·on·read-only·media)·provides·additional·assurance·about·their·integrity.·The
178	newly-generated·database·can·be·installed·as·follows:	177	newly-generated·database·can·be·installed·as·follows:
Offset 199, 40 lines modified		Offset 199, 14 lines modified
199	············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s·········Req-11.5	199	············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s·········Req-11.5
200	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000445-GPOS-00199	200	············_\x8o_\x8s_\x8-_\x8s_\x8r_\x8g·········SRG-OS-000445-GPOS-00199
201	············_\x8s_\x8t_\x8i_\x8g_\x8i_\x8d·········UBTU-20-010450	201	············_\x8s_\x8t_\x8i_\x8g_\x8i_\x8d·········UBTU-20-010450
202	············_\x8c_\x8i_\x8s············1.4.1	202	············_\x8c_\x8i_\x8s············1.4.1
203	············_\x8a_\x8n_\x8s_\x8s_\x8i··········R76,·R79	203	············_\x8a_\x8n_\x8s_\x8s_\x8i··········R76,·R79
204	············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s_\x84········11.5.2	204	············_\x8p_\x8c_\x8i_\x8d_\x8s_\x8s_\x84········11.5.2
205	············_\x8s_\x8t_\x8i_\x8g_\x8r_\x8e_\x8f········SV-238371r880913_rule	205	············_\x8s_\x8t_\x8i_\x8g_\x8r_\x8e_\x8f········SV-238371r880913_rule
206	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
207	#·Remediation·is·applicable·only·in·certain·platforms
208	if·[·!·-f·/.dockerenv·]·&&·[·!·-f·/run/.containerenv·];·then

209	DEBIAN_FRONTEND=noninteractive·apt-get·install·-y·"aide"

210	AIDE_CONFIG=/etc/aide/aide.conf
211	DEFAULT_DB_PATH=/var/lib/aide/aide.db

212	#·Fix·db·path·in·the·config·file,·if·necessary
213	if·!·grep·-q·'^database=file:'·${AIDE_CONFIG};·then
214	····#·replace_or_append·gets·confused·by·'database=file'·as·a·key,·so·should·not·be·used.
215	····#replace_or_append·"${AIDE_CONFIG}"·'^database=file'·"${DEFAULT_DB_PATH}"·'@CCENUM@'·'%s:%s'
216	····echo·"database=file:${DEFAULT_DB_PATH}"·>>·${AIDE_CONFIG}
217	fi

218	#·Fix·db·out·path·in·the·config·file,·if·necessary
219	if·!·grep·-q·'^database_out=file:'·${AIDE_CONFIG};·then
220	····echo·"database_out=file:${DEFAULT_DB_PATH}.new"·>>·${AIDE_CONFIG}
221	fi

222	/usr/sbin/aideinit·-y·-f

223	else
224	····>&2·echo·'Remediation·is·not·applicable,·nothing·was·done'
225	fi
226	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲	206	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8A_\x8n_\x8s_\x8i_\x8b_\x8l_\x8e_\x8·_\x8s_\x8n_\x8i_\x8p_\x8p_\x8e_\x8t_\x8·_\x8⇲
227	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low	207	C\x8Co\x8om\x8mp\x8pl\x8le\x8ex\x8xi\x8it\x8ty\x8y:\x8:·low
228	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low	208	D\x8Di\x8is\x8sr\x8ru\x8up\x8pt\x8ti\x8io\x8on\x8n:\x8:·low
229	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false	209	R\x8Re\x8eb\x8bo\x8oo\x8ot\x8t:\x8:·····false
230	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict	210	S\x8St\x8tr\x8ra\x8at\x8te\x8eg\x8gy\x8y:\x8:···restrict
231	-·name:·Build·and·Test·AIDE·Database·-·Ensure·AIDE·Is·Installed	211	-·name:·Build·and·Test·AIDE·Database·-·Ensure·AIDE·Is·Installed
232	··ansible.builtin.apt:	212	··ansible.builtin.apt:
Offset 395, 14 lines modified		Offset 369, 40 lines modified
395	··-·PCI-DSSv4-11.5.2	369	··-·PCI-DSSv4-11.5.2
396	··-·aide_build_database	370	··-·aide_build_database
397	··-·low_complexity	371	··-·low_complexity
398	··-·low_disruption	372	··-·low_disruption
399	··-·medium_severity	373	··-·medium_severity
400	··-·no_reboot_needed	374	··-·no_reboot_needed
401	··-·restrict_strategy	375	··-·restrict_strategy
		376	_\x8R_\x8e_\x8m_\x8e_\x8d_\x8i_\x8a_\x8t_\x8i_\x8o_\x8n_\x8·_\x8S_\x8h_\x8e_\x8l_\x8l_\x8·_\x8s_\x8c_\x8r_\x8i_\x8p_\x8t_\x8·_\x8⇲
		377	#·Remediation·is·applicable·only·in·certain·platforms
Max diff block lines reached; 1187259/1193853 bytes (99.45%) of diff not shown.


Offset 14298, 15 lines modified		Offset 14298, 15 lines modified
00037d90:·6f72·793c·2f68·323e·3c70·3e43·7572·7265··ory</h2><p>Curre		00037d90:·6f72·793c·2f68·323e·3c70·3e43·7572·7265··ory</h2><p>Curre
00037da0:·6e74·2076·6572·7369·6f6e·3a20·3c73·7472··nt·version:·<str		00037da0:·6e74·2076·6572·7369·6f6e·3a20·3c73·7472··nt·version:·<str
00037db0:·6f6e·673e·302e·312e·3734·3c2f·7374·726f··ong>0.1.74</stro		00037db0:·6f6e·673e·302e·312e·3734·3c2f·7374·726f··ong>0.1.74</stro
00037dc0:·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69·3e3c··ng></p><ul><li><		00037dc0:·6e67·3e3c·2f70·3e3c·756c·3e3c·6c69·3e3c··ng></p><ul><li><
00037dd0:·7374·726f·6e67·3e64·7261·6674·3c2f·7374··strong>draft</st		00037dd0:·7374·726f·6e67·3e64·7261·6674·3c2f·7374··strong>draft</st
00037de0:·726f·6e67·3e0a·2020·2020·2020·2020·2020··rong>.··········		00037de0:·726f·6e67·3e0a·2020·2020·2020·2020·2020··rong>.··········
00037df0:·2020·2020·2020·2020·2020·2861·7320·6f66············(as·of		00037df0:·2020·2020·2020·2020·2020·2861·7320·6f66············(as·of
00037e00:·2032·3032·362d·3031·2d30·3829·0a20·2020···2026-01-08).···		00037e00:·2032·3032·342d·3132·2d30·3729·0a20·2020···2024-12-07).···
00037e10:·2020·2020·2020·2020·2020·2020·203c·2f6c···············</l		00037e10:·2020·2020·2020·2020·2020·2020·203c·2f6c···············</l
00037e20:·693e·3c2f·756c·3e3c·2f64·6976·3e3c·6832··i></ul></div><h2		00037e20:·693e·3c2f·756c·3e3c·2f64·6976·3e3c·6832··i></ul></div><h2
00037e30:·3e54·6162·6c65·206f·6620·436f·6e74·656e··>Table·of·Conten		00037e30:·3e54·6162·6c65·206f·6620·436f·6e74·656e··>Table·of·Conten
00037e40:·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69·3e3c··ts</h2><ol><li><		00037e40:·7473·3c2f·6832·3e3c·6f6c·3e3c·6c69·3e3c··ts</h2><ol><li><
00037e50:·6120·6872·6566·3d22·2378·6363·6466·5f6f··a·href="#xccdf_o		00037e50:·6120·6872·6566·3d22·2378·6363·6466·5f6f··a·href="#xccdf_o
00037e60:·7267·2e73·7367·7072·6f6a·6563·742e·636f··rg.ssgproject.co		00037e60:·7267·2e73·7367·7072·6f6a·6563·742e·636f··rg.ssgproject.co
00037e70:·6e74·656e·745f·6772·6f75·705f·7379·7374··ntent_group_syst		00037e70:·6e74·656e·745f·6772·6f75·705f·7379·7374··ntent_group_syst
Offset 15104, 130 lines modified		Offset 15104, 130 lines modified
0003aff0:·6574·3d22·2369·646d·3239·3033·2220·7461··et="#idm2903"·ta		0003aff0:·6574·3d22·2369·646d·3239·3033·2220·7461··et="#idm2903"·ta
0003b000:·6269·6e64·6578·3d22·3022·2072·6f6c·653d··bindex="0"·role=		0003b000:·6269·6e64·6578·3d22·3022·2072·6f6c·653d··bindex="0"·role=
0003b010:·2262·7574·746f·6e22·2061·7269·612d·6578··"button"·aria-ex		0003b010:·2262·7574·746f·6e22·2061·7269·612d·6578··"button"·aria-ex
0003b020:·7061·6e64·6564·3d22·6661·6c73·6522·2074··panded="false"·t		0003b020:·7061·6e64·6564·3d22·6661·6c73·6522·2074··panded="false"·t
0003b030:·6974·6c65·3d22·4163·7469·7661·7465·2074··itle="Activate·t		0003b030:·6974·6c65·3d22·4163·7469·7661·7465·2074··itle="Activate·t
0003b040:·6f20·7265·7665·616c·2220·6872·6566·3d22··o·reveal"·href="		0003b040:·6f20·7265·7665·616c·2220·6872·6566·3d22··o·reveal"·href="
0003b050:·2321·223e·5265·6d65·6469·6174·696f·6e20··#!">Remediation·		0003b050:·2321·223e·5265·6d65·6469·6174·696f·6e20··#!">Remediation·
		0003b060:·4f53·4275·696c·6420·426c·7565·7072·696e··OSBuild·Blueprin
		0003b070:·7420·736e·6970·7065·7420·e287·b23c·2f61··t·snippet·...</a
		0003b080:·3e3c·6272·3e3c·6469·7620·636c·6173·733d··><br><div·class=
		0003b090:·2270·616e·656c·2d63·6f6c·6c61·7073·6520··"panel-collapse·
		0003b0a0:·636f·6c6c·6170·7365·2220·6964·3d22·6964··collapse"·id="id
		0003b0b0:·6d32·3930·3322·3e3c·7072·653e·3c63·6f64··m2903"><pre><cod
		0003b0c0:·653e·0a5b·5b70·6163·6b61·6765·735d·5d0a··e>.[[packages]].
		0003b0d0:·6e61·6d65·203d·2022·6169·6465·220a·7665··name·=·"aide".ve
		0003b0e0:·7273·696f·6e20·3d20·222a·220a·3c2f·636f··rsion·=·"*".</co
0003b060:·5368·656c·6c20·7363·7269·7074·20e2·87b2··Shell·script·...
0003b070:·3c2f·613e·3c62·723e·3c64·6976·2063·6c61··</a><br><div·cla
0003b080:·7373·3d22·7061·6e65·6c2d·636f·6c6c·6170··ss="panel-collap
0003b090:·7365·2063·6f6c·6c61·7073·6522·2069·643d··se·collapse"·id=
0003b0a0:·2269·646d·3239·3033·223e·3c74·6162·6c65··"idm2903"><table
0003b0b0:·2063·6c61·7373·3d22·7461·626c·6520·7461···class="table·ta
0003b0c0:·626c·652d·7374·7269·7065·6420·7461·626c··ble-striped·tabl
0003b0d0:·652d·626f·7264·6572·6564·2074·6162·6c65··e-bordered·table
0003b0e0:·2d63·6f6e·6465·6e73·6564·223e·3c74·723e··-condensed"><tr>
0003b0f0:·3c74·683e·436f·6d70·6c65·7869·7479·3a3c··<th>Complexity:<
0003b100:·2f74·683e·3c74·643e·6c6f·773c·2f74·643e··/th><td>low</td>
0003b110:·3c2f·7472·3e3c·7472·3e3c·7468·3e44·6973··</tr><tr><th>Dis
0003b120:·7275·7074·696f·6e3a·3c2f·7468·3e3c·7464··ruption:</th><td
0003b130:·3e6c·6f77·3c2f·7464·3e3c·2f74·723e·3c74··>low</td></tr><t
0003b140:·723e·3c74·683e·5265·626f·6f74·3a3c·2f74··r><th>Reboot:</t
0003b150:·683e·3c74·643e·6661·6c73·653c·2f74·643e··h><td>false</td>
0003b160:·3c2f·7472·3e3c·7472·3e3c·7468·3e53·7472··</tr><tr><th>Str
0003b170:·6174·6567·793a·3c2f·7468·3e3c·7464·3e65··ategy:</th><td>e
0003b180:·6e61·626c·653c·2f74·643e·3c2f·7472·3e3c··nable</td></tr><
0003b190:·2f74·6162·6c65·3e3c·7072·653e·3c63·6f64··/table><pre><cod
0003b1a0:·653e·2320·5265·6d65·6469·6174·696f·6e20··e>#·Remediation·
0003b1b0:·6973·2061·7070·6c69·6361·626c·6520·6f6e··is·applicable·on
0003b1c0:·6c79·2069·6e20·6365·7274·6169·6e20·706c··ly·in·certain·pl
0003b1d0:·6174·666f·726d·730a·6966·205b·2021·202d··atforms.if·[·!·-
0003b1e0:·6620·2f2e·646f·636b·6572·656e·7620·5d20··f·/.dockerenv·]·
0003b1f0:·2661·6d70·3b26·616d·703b·205b·2021·202d··&&·[·!·-
0003b200:·6620·2f72·756e·2f2e·636f·6e74·6169·6e65··f·/run/.containe
0003b210:·7265·6e76·205d·3b20·7468·656e·0a0a·4445··renv·];·then..DE
0003b220:·4249·414e·5f46·524f·4e54·454e·443d·6e6f··BIAN_FRONTEND=no
0003b230:·6e69·6e74·6572·6163·7469·7665·2061·7074··ninteractive·apt
0003b240:·2d67·6574·2069·6e73·7461·6c6c·202d·7920··-get·install·-y·
0003b250:·2261·6964·6522·0a0a·656c·7365·0a20·2020··"aide"..else.···
0003b260:·2026·6774·3b26·616d·703b·3220·6563·686f···>&2·echo
0003b270:·2027·5265·6d65·6469·6174·696f·6e20·6973···'Remediation·is
0003b280:·206e·6f74·2061·7070·6c69·6361·626c·652c···not·applicable,
0003b290:·206e·6f74·6869·6e67·2077·6173·2064·6f6e···nothing·was·don
0003b2a0:·6527·0a66·690a·3c2f·636f·6465·3e3c·2f70··e'.fi.</code></p
0003b2b0:·7265·3e3c·2f64·6976·3e3c·6120·636c·6173··re></div><a·clas
0003b2c0:·733d·2262·746e·2062·746e·2d73·7563·6365··s="btn·btn-succe
0003b2d0:·7373·2220·6461·7461·2d74·6f67·676c·653d··ss"·data-toggle=
0003b2e0:·2263·6f6c·6c61·7073·6522·2064·6174·612d··"collapse"·data-
0003b2f0:·7461·7267·6574·3d22·2369·646d·3239·3034··target="#idm2904
0003b300:·2220·7461·6269·6e64·6578·3d22·3022·2072··"·tabindex="0"·r
0003b310:·6f6c·653d·2262·7574·746f·6e22·2061·7269··ole="button"·ari
0003b320:·612d·6578·7061·6e64·6564·3d22·6661·6c73··a-expanded="fals
0003b330:·6522·2074·6974·6c65·3d22·4163·7469·7661··e"·title="Activa
0003b340:·7465·2074·6f20·7265·7665·616c·2220·6872··te·to·reveal"·hr
0003b350:·6566·3d22·2321·223e·5265·6d65·6469·6174··ef="#!">Remediat
0003b360:·696f·6e20·416e·7369·626c·6520·736e·6970··ion·Ansible·snip
0003b370:·7065·7420·e287·b23c·2f61·3e3c·6272·3e3c··pet·...</a><br><
0003b380:·6469·7620·636c·6173·733d·2270·616e·656c··div·class="panel
0003b390:·2d63·6f6c·6c61·7073·6520·636f·6c6c·6170··-collapse·collap
0003b3a0:·7365·2220·6964·3d22·6964·6d32·3930·3422··se"·id="idm2904"
0003b3b0:·3e3c·7461·626c·6520·636c·6173·733d·2274··><table·class="t
0003b3c0:·6162·6c65·2074·6162·6c65·2d73·7472·6970··able·table-strip
0003b3d0:·6564·2074·6162·6c65·2d62·6f72·6465·7265··ed·table-bordere
0003b3e0:·6420·7461·626c·652d·636f·6e64·656e·7365··d·table-condense
0003b3f0:·6422·3e3c·7472·3e3c·7468·3e43·6f6d·706c··d"><tr><th>Compl
0003b400:·6578·6974·793a·3c2f·7468·3e3c·7464·3e6c··exity:</th><td>l
0003b410:·6f77·3c2f·7464·3e3c·2f74·723e·3c74·723e··ow</td></tr><tr>
0003b420:·3c74·683e·4469·7372·7570·7469·6f6e·3a3c··<th>Disruption:<
0003b430:·2f74·683e·3c74·643e·6c6f·773c·2f74·643e··/th><td>low</td>
0003b440:·3c2f·7472·3e3c·7472·3e3c·7468·3e52·6562··</tr><tr><th>Reb
0003b450:·6f6f·743a·3c2f·7468·3e3c·7464·3e66·616c··oot:</th><td>fal
0003b460:·7365·3c2f·7464·3e3c·2f74·723e·3c74·723e··se</td></tr><tr>
0003b470:·3c74·683e·5374·7261·7465·6779·3a3c·2f74··<th>Strategy:</t
0003b480:·683e·3c74·643e·656e·6162·6c65·3c2f·7464··h><td>enable</td
0003b490:·3e3c·2f74·723e·3c2f·7461·626c·653e·3c70··></tr></table><p
0003b4a0:·7265·3e3c·636f·6465·3e2d·206e·616d·653a··re><code>-·name:
0003b4b0:·2045·6e73·7572·6520·6169·6465·2069·7320···Ensure·aide·is·
0003b4c0:·696e·7374·616c·6c65·640a·2020·7061·636b··installed.··pack
0003b4d0:·6167·653a·0a20·2020·206e·616d·653a·2061··age:.····name:·a
0003b4e0:·6964·650a·2020·2020·7374·6174·653a·2070··ide.····state:·p
0003b4f0:·7265·7365·6e74·0a20·2077·6865·6e3a·2061··resent.··when:·a
0003b500:·6e73·6962·6c65·5f76·6972·7475·616c·697a··nsible_virtualiz
0003b510:·6174·696f·6e5f·7479·7065·206e·6f74·2069··ation_type·not·i
0003b520:·6e20·5b22·646f·636b·6572·222c·2022·6c78··n·["docker",·"lx
0003b530:·6322·2c20·226f·7065·6e76·7a22·2c20·2270··c",·"openvz",·"p
0003b540:·6f64·6d61·6e22·2c20·2263·6f6e·7461·696e··odman",·"contain
0003b550:·6572·225d·0a20·2074·6167·733a·0a20·202d··er"].··tags:.··-
0003b560:·2043·4a49·532d·352e·3130·2e31·2e33·0a20···CJIS-5.10.1.3.·
0003b570:·202d·2044·4953·412d·5354·4947·2d55·4254···-·DISA-STIG-UBT
0003b580:·552d·3232·2d36·3531·3031·300a·2020·2d20··U-22-651010.··-·
0003b590:·4e49·5354·2d38·3030·2d35·332d·434d·2d36··NIST-800-53-CM-6
0003b5a0:·2861·290a·2020·2d20·5043·492d·4453·532d··(a).··-·PCI-DSS-
0003b5b0:·5265·712d·3131·2e35·0a20·202d·2050·4349··Req-11.5.··-·PCI
0003b5c0:·2d44·5353·7634·2d31·312e·352e·320a·2020··-DSSv4-11.5.2.··
0003b5d0:·2d20·656e·6162·6c65·5f73·7472·6174·6567··-·enable_strateg
0003b5e0:·790a·2020·2d20·6c6f·775f·636f·6d70·6c65··y.··-·low_comple
0003b5f0:·7869·7479·0a20·202d·206c·6f77·5f64·6973··xity.··-·low_dis
0003b600:·7275·7074·696f·6e0a·2020·2d20·6d65·6469··ruption.··-·medi
0003b610:·756d·5f73·6576·6572·6974·790a·2020·2d20··um_severity.··-·
0003b620:·6e6f·5f72·6562·6f6f·745f·6e65·6564·6564··no_reboot_needed
0003b630:·0a20·202d·2070·6163·6b61·6765·5f61·6964··.··-·package_aid
0003b640:·655f·696e·7374·616c·6c65·640a·3c2f·636f··e_installed.</co
Max diff block lines reached; 17506334/17524052 bytes (99.90%) of diff not shown.


Offset 3, 5591 lines modified		Offset 3, 5781 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-~~sshd_di~~sable_~~roo~~t_lo~~gin~~_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-package_rsyslog_installed_ocil:questionnaire:1">
		11	······<ocil:title>Ensure·rsyslog·is·Installed</ocil:title>
11	······<ocil:title>Disable·SSH·Root·Login</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-sshd_disable_root_login_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-audit_rules_time_watch_localtime_ocil:questionnaire:1">
17	······<ocil:title>Record·Attempts·to·Alter·the·localtime·File</ocil:title>
18	······<ocil:actions>	12	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-a~~udit~~_r~~ule~~s~~_time~~_~~watch_loc~~alt~~ime~~_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-package_rsyslog_installed_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>	14	······</ocil:actions>
21	····</ocil:questionnaire>	15	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-ker~~nel_modul~~e_ip~~v6_option~~_disabled_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-service_timesyncd_enabled_ocil:questionnaire:1">
23	······<ocil:title>Disable·IP~~v6·N~~et~~work~~i~~ng·Support~~·~~Automat~~ic~~·Loadin~~g</ocil:title>	17	······<ocil:title>Enable·systemd_timesyncd·Service</ocil:title>
24	······<ocil:actions>	18	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-ker~~nel_modul~~e_ip~~v6_option~~_disabled_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-service_timesyncd_enabled_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	20	······</ocil:actions>
27	····</ocil:questionnaire>	21	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-kernel_config_ran~~domiz~~e_~~memory~~_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-service_iptables_enabled_ocil:questionnaire:1">
29	······<ocil:title>~~Randomi~~ze~~·the~~·~~kerne~~l·me~~mor~~y·s~~ections~~</ocil:title>	23	······<ocil:title>Verify·iptables·Enabled</ocil:title>
30	······<ocil:actions>	24	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-kernel_config_ran~~domiz~~e_~~memory~~_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-service_iptables_enabled_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	26	······</ocil:actions>
33	····</ocil:questionnaire>	27	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-ker~~nel~~_co~~nfig_bug~~_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-no_direct_root_logins_ocil:questionnaire:1">
35	······<ocil:title>~~Enable~~·~~supp~~ort·for·~~BUG()~~</ocil:title>	29	······<ocil:title>Direct·root·Logins·Not·Allowed</ocil:title>
36	······<ocil:actions>	30	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-ker~~nel~~_co~~nfig_bug~~_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-no_direct_root_logins_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	32	······</ocil:actions>
39	····</ocil:questionnaire>	33	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-k~~ern~~el_config_randomi~~ze_base~~_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-file_ownership_audit_configuration_ocil:questionnaire:1">
41	······<ocil:title>Randomize·~~the·add~~re~~ss·~~of·the·~~kernel~~·~~image~~·~~(KASLR)~~</ocil:title>	35	······<ocil:title>Audit·Configuration·Files·Must·Be·Owned·By·Root</ocil:title>
42	······<ocil:actions>	36	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-k~~ern~~el_config_randomi~~ze_base~~_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-file_ownership_audit_configuration_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	38	······</ocil:actions>
45	····</ocil:questionnaire>	39	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-prefer_~~64bit~~_os_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-file_owner_var_log_syslog_ocil:questionnaire:1">
47	······<ocil:title>~~Pre~~fer~~·to~~·use·~~a·64-bit~~·~~Ope~~ra~~tin~~g·Sys~~tem·when~~·~~support~~ed</ocil:title>	41	······<ocil:title>Verify·User·Who·Owns·/var/log/syslog·File</ocil:title>
48	······<ocil:actions>	42	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-prefer_~~64bit~~_os_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-file_owner_var_log_syslog_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	44	······</ocil:actions>
51	····</ocil:questionnaire>	45	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-~~file_p~~er~~missions_~~e~~tc_shadow~~_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-grub2_mce_argument_ocil:questionnaire:1">
53	······<ocil:title>Verify·Per~~missio~~ns·on·~~shadow~~·~~File~~</ocil:title>	47	······<ocil:title>Force·kernel·panic·on·uncorrected·MCEs</ocil:title>
54	······<ocil:actions>	48	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-~~file_p~~er~~missions_~~e~~tc_shadow~~_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-grub2_mce_argument_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	50	······</ocil:actions>
57	····</ocil:questionnaire>	51	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-file_gr~~oupowner~~_e~~tc_shadow~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-file_permissions_home_dirs_ocil:questionnaire:1">
59	······<ocil:title>Verify·Group·W~~ho·Owns~~·~~sha~~d~~ow·Fi~~le</ocil:title>	53	······<ocil:title>Ensure·that·User·Home·Directories·are·not·Group-Writable·or·World-Readable</ocil:title>
60	······<ocil:actions>	54	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-file_gr~~oupowner~~_e~~tc_shadow~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-file_permissions_home_dirs_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	56	······</ocil:actions>
63	····</ocil:questionnaire>	57	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-~~file~~_~~own~~er_etc_passwd_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-sshd_disable_root_password_login_ocil:questionnaire:1">
65	······<ocil:title>Ve~~rify~~·~~User~~·~~Who~~·~~Owns~~·passwd·~~Fil~~e</ocil:title>	59	······<ocil:title>Disable·SSH·root·Login·with·a·Password·(Insecure)</ocil:title>
66	······<ocil:actions>	60	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-~~file~~_~~own~~er_etc_passwd_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-sshd_disable_root_password_login_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	62	······</ocil:actions>
69	····</ocil:questionnaire>	63	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-sshd_~~use~~_pr~~iv_s~~e~~paratio~~n_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-auditd_freq_ocil:questionnaire:1">
71	······<ocil:title>Enable·Use·of·Privil~~ege~~·~~Sep~~aration</ocil:title>	65	······<ocil:title>Set·number·of·records·to·cause·an·explicit·flush·to·audit·logs</ocil:title>
72	······<ocil:actions>	66	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-sshd_~~use~~_pr~~iv_s~~e~~paratio~~n_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-auditd_freq_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	68	······</ocil:actions>
75	····</ocil:questionnaire>	69	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-dir~~_ownersh~~ip~~_bina~~ry_dirs_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-partition_for_var_ocil:questionnaire:1">
77	······<ocil:title>~~Verify~~·that·~~Sys~~tem·~~Execut~~a~~ble·~~Have·~~Roo~~t~~·Ownership~~</ocil:title>	71	······<ocil:title>Ensure·/var·Located·On·Separate·Partition</ocil:title>
78	······<ocil:actions>	72	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-dir~~_ownersh~~ip~~_bina~~ry_dirs_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-partition_for_var_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	74	······</ocil:actions>
81	····</ocil:questionnaire>	75	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-~~file_permis~~s~~ions_b~~ackup_etc_~~gshadow~~_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-accounts_umask_etc_profile_ocil:questionnaire:1">
83	······<ocil:title>Ve~~rify~~·Permiss~~ions~~·o~~n·Backup~~·~~gshadow·F~~ile</ocil:title>	77	······<ocil:title>Ensure·the·Default·Umask·is·Set·Correctly·in·/etc/profile</ocil:title>
84	······<ocil:actions>	78	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-~~file_permis~~s~~ions_b~~ackup_etc_~~gshadow~~_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-accounts_umask_etc_profile_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	80	······</ocil:actions>
87	····</ocil:questionnaire>	81	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-audit_rules_dac_modification_fchmodat_ocil:questionnaire:1">
89	······<ocil:title>~~Rec~~o~~rd·Ev~~e~~nts~~·th~~at·M~~odif~~y·the·System'~~s~~·Di~~s~~cre~~tionar~~y·Acce~~s~~s·C~~o~~ntrols·-·fchmoda~~t</o~~cil:title~~>	82	····<ocil:questionnaire·id="ocil:ssg-accounts_password_all_shadowed_ocil:questionnaire:1">
		83	······<ocil:title>Verify·All·Account·Password·Hashes·are·Shadowed</ocil:title>
90	······<ocil:actions>	84	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-a~~udit_r~~ules_da~~c_m~~odi~~fic~~ation_~~fchm~~o~~dat~~_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-accounts_password_all_shadowed_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	86	······</ocil:actions>
93	····</ocil:questionnaire>	87	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-~~par~~tition_for_~~tmp~~_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-accounts_minimum_age_login_defs_ocil:questionnaire:1">
95	······<ocil:title>~~Ensu~~re·/tmp·Loca~~ted·On~~·S~~eparate~~·~~Partition~~</ocil:title>	89	······<ocil:title>Set·Password·Minimum·Age</ocil:title>
96	······<ocil:actions>	90	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-~~par~~tition_for_~~tmp~~_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-accounts_minimum_age_login_defs_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	92	······</ocil:actions>
99	····</ocil:questionnaire>	93	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-~~ssh~~d_en~~able~~_w~~arni~~ng_~~banner~~_~~net~~_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-harden_ssh_client_crypto_policy_ocil:questionnaire:1">
101	······<ocil:title>Enable·SSH·War~~ning~~·~~Banner~~</ocil:title>	95	······<ocil:title>Harden·SSH·client·Crypto·Policy</ocil:title>
102	······<ocil:actions>	96	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-~~ssh~~d_en~~able~~_w~~arni~~ng_~~banner~~_~~net~~_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-harden_ssh_client_crypto_policy_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	98	······</ocil:actions>
105	····</ocil:questionnaire>	99	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-chronyd_specify_remote_server_ocil:questionnaire:1">
107	······<ocil:tit~~le>A·~~re~~mote·t~~i~~me·~~s~~erv~~e~~r·for·Chr~~on~~y·is·configured</~~ocil:title>	100	····<ocil:questionnaire·id="ocil:ssg-file_permissions_var_log_syslog_ocil:questionnaire:1">
		101	······<ocil:title>Verify·Permissions·on·/var/log/syslog·File</ocil:title>
108	······<ocil:actions>	102	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-~~chronyd_spec~~ify_remote_s~~erver~~_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-file_permissions_var_log_syslog_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	104	······</ocil:actions>
111	····</ocil:questionnaire>	105	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-audit_rules_file_deletion_events_rename_ocil:questionnaire:1">
113	······<ocil:~~title>E~~nsure·~~aud~~itd·Col~~lect~~s~~·File·Del~~etio~~n·E~~vents~~·by·Us~~er~~·-·renam~~e</ocil:title>	106	····<ocil:questionnaire·id="ocil:ssg-package_openssh-server_installed_ocil:questionnaire:1">
		107	······<ocil:title>Install·the·OpenSSH·Server·Package</ocil:title>
114	······<ocil:actions>	108	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-a~~udit~~_~~rule~~s~~_fil~~e_deletion~~_eve~~nt~~s_r~~e~~nam~~e_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-package_openssh-server_installed_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	110	······</ocil:actions>
117	····</ocil:questionnaire>	111	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-file_permissions_var_log_messages_ocil:questionnaire:1">
119	······<ocil:ti~~tle>V~~eri~~fy·Permi~~ss~~ion~~s·on~~·/var/log/mess~~ag~~es·Fil~~e</ocil:title>	112	····<ocil:questionnaire·id="ocil:ssg-sshd_enable_warning_banner_net_ocil:questionnaire:1">
		113	······<ocil:title>Enable·SSH·Warning·Banner</ocil:title>
120	······<ocil:actions>	114	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-~~file~~_pe~~rmissions~~_var~~_lo~~g_~~messag~~es_action:testaction:1</ocil:test_action_ref>	115	········<ocil:test_action_ref>ocil:ssg-sshd_enable_warning_banner_net_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	116	······</ocil:actions>
123	····</ocil:questionnaire>	117	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-~~fil~~e~~_gr~~ou~~powner_et~~c_~~passwd~~_ocil:questionnaire:1">	118	····<ocil:questionnaire·id="ocil:ssg-kernel_config_panic_on_oops_ocil:questionnaire:1">
Max diff block lines reached; 671025/683178 bytes (98.22%) of diff not shown.


Offset 3, 5478 lines modified		Offset 3, 5577 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-a~~udit~~_rules_ti~~me_~~sett~~imeofday~~_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-sshd_limit_user_access_ocil:questionnaire:1">
11	······<ocil:title>~~Record·at~~tem~~pts~~·to·alter~~·ti~~me·~~through~~·~~settim~~e~~ofd~~ay</ocil:title>	11	······<ocil:title>Limit·Users'·SSH·Access</ocil:title>
12	······<ocil:actions>	12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-a~~udit~~_rules_ti~~me_~~sett~~imeofday~~_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-sshd_limit_user_access_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>	14	······</ocil:actions>
15	····</ocil:questionnaire>	15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-accounts_umask_etc_login_defs_ocil:questionnaire:1">
17	······<ocil:~~title>E~~nsure·th~~e·Defau~~l~~t·Uma~~s~~k·is·S~~et~~·Corre~~c~~tly·in·~~logi~~n.d~~e~~fs</~~ocil:title>	16	····<ocil:questionnaire·id="ocil:ssg-sysctl_net_ipv6_conf_default_disable_ipv6_ocil:questionnaire:1">
		17	······<ocil:title>Disable·IPv6·Addressing·on·IPv6·Interfaces·by·Default</ocil:title>
18	······<ocil:actions>	18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-ac~~cou~~nts_~~umask_~~e~~tc_~~login_~~defs~~_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-sysctl_net_ipv6_conf_default_disable_ipv6_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>	20	······</ocil:actions>
21	····</ocil:questionnaire>	21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-mount_option_home_no~~dev~~_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-mount_option_tmp_nosuid_ocil:questionnaire:1">
23	······<ocil:title>Add·no~~dev~~·Option·to·/home</ocil:title>	23	······<ocil:title>Add·nosuid·Option·to·/tmp</ocil:title>
24	······<ocil:actions>	24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-mount_option_home_no~~dev~~_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-mount_option_tmp_nosuid_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	26	······</ocil:actions>
27	····</ocil:questionnaire>	27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-~~package~~_nss-t~~ools_in~~sta~~lled~~_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-sshd_set_maxstartups_ocil:questionnaire:1">
29	······<ocil:title>Ensure·~~nss-~~t~~ool~~s·is·in~~stall~~ed</ocil:title>	29	······<ocil:title>Ensure·SSH·MaxStartups·is·configured</ocil:title>
30	······<ocil:actions>	30	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-~~package~~_nss-t~~ools_in~~sta~~lled~~_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-sshd_set_maxstartups_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	32	······</ocil:actions>
33	····</ocil:questionnaire>	33	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-~~inst~~alled_~~OS_is~~_~~FIP~~S_ce~~rtified~~_ocil:questionnaire:1">	34	····<ocil:questionnaire·id="ocil:ssg-file_owner_etc_shadow_ocil:questionnaire:1">
35	······<ocil:title>~~The·Installed·O~~perating·System·Is·~~FIPS~~·14~~0-2·Cert~~ified</ocil:title>	35	······<ocil:title>Verify·User·Who·Owns·shadow·File</ocil:title>
36	······<ocil:actions>	36	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-~~inst~~alled_~~OS_is~~_~~FIP~~S_ce~~rtified~~_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-file_owner_etc_shadow_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	38	······</ocil:actions>
39	····</ocil:questionnaire>	39	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-~~fil~~e_permissions~~_lib~~rar~~y_dirs~~_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-package_openssh-server_removed_ocil:questionnaire:1">
41	······<ocil:title>Ve~~rify~~·~~tha~~t·Share~~d·Library~~·Files·~~Have~~·Restr~~icti~~v~~e·P~~er~~missions~~</ocil:title>	41	······<ocil:title>Remove·the·OpenSSH·Server·Package</ocil:title>
42	······<ocil:actions>	42	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-~~fil~~e_permissions~~_lib~~rar~~y_dirs~~_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-package_openssh-server_removed_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	44	······</ocil:actions>
45	····</ocil:questionnaire>	45	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-sysct~~l_net_~~i~~pv4~~_conf~~_all_a~~r~~p_filter~~_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-postfix_client_configure_relayhost_ocil:questionnaire:1">
47	······<ocil:title>Configure·~~ARP~~·~~filte~~r~~ing~~·~~for~~·All·~~IPv4~~·~~Int~~erfaces</ocil:title>	47	······<ocil:title>Configure·System·to·Forward·All·Mail·through·a·specific·host</ocil:title>
48	······<ocil:actions>	48	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-sysct~~l_net_~~i~~pv4~~_conf~~_all_a~~r~~p_filter~~_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-postfix_client_configure_relayhost_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	50	······</ocil:actions>
51	····</ocil:questionnaire>	51	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-ss~~hd_d~~is~~able~~_root_lo~~gin~~_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-partition_for_tmp_ocil:questionnaire:1">
53	······<ocil:title>Disa~~ble~~·SS~~H·Roo~~t·~~Log~~in</ocil:title>	53	······<ocil:title>Ensure·/tmp·Located·On·Separate·Partition</ocil:title>
54	······<ocil:actions>	54	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-ss~~hd_d~~is~~able~~_root_lo~~gin~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-partition_for_tmp_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	56	······</ocil:actions>
57	····</ocil:questionnaire>	57	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-file_permissions_backup_etc_gshadow_ocil:questionnaire:1">
59	······<ocil:ti~~tle>V~~eri~~fy·Permi~~ssi~~ons·on·Backup·gsh~~ad~~ow·File</~~ocil:title>	58	····<ocil:questionnaire·id="ocil:ssg-audit_privileged_commands_reboot_ocil:questionnaire:1">
		59	······<ocil:title>Ensure·auditd·Collects·Information·on·the·Use·of·Privileged·Commands·-·reboot</ocil:title>
60	······<ocil:actions>	60	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-~~file~~_permissi~~ons_ba~~c~~kup_etc~~_g~~shad~~ow_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-audit_privileged_commands_reboot_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	62	······</ocil:actions>
63	····</ocil:questionnaire>	63	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-sshd_disable_x11_forwarding_ocil:questionnaire:1">
65	······<ocil:title>Dis~~abl~~e~~·X11·F~~o~~rwa~~rdi~~ng</~~ocil:title>	64	····<ocil:questionnaire·id="ocil:ssg-kernel_config_debug_credentials_ocil:questionnaire:1">
		65	······<ocil:title>Enable·checks·on·credential·management</ocil:title>
66	······<ocil:actions>	66	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-~~sshd~~_~~disable_x11~~_~~forward~~ing_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-kernel_config_debug_credentials_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	68	······</ocil:actions>
69	····</ocil:questionnaire>	69	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-file_owner_backup_etc_group_ocil:questionnaire:1">
71	······<ocil:title~~>Ver~~i~~fy·U~~ser~~·Who·Owns·Backup·gr~~o~~up·Fi~~le</ocil:title>	70	····<ocil:questionnaire·id="ocil:ssg-securetty_root_login_console_only_ocil:questionnaire:1">
		71	······<ocil:title>Restrict·Virtual·Console·Root·Logins</ocil:title>
72	······<ocil:actions>	72	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-~~fil~~e_o~~wner_backup_etc_group~~_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-securetty_root_login_console_only_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	74	······</ocil:actions>
75	····</ocil:questionnaire>	75	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-~~mount~~_~~opt~~ion_t~~mp_nosui~~d_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-package_audit_installed_ocil:questionnaire:1">
77	······<ocil:title>~~Add~~·~~nos~~uid·Option·to~~·/tmp~~</ocil:title>	77	······<ocil:title>Ensure·the·audit·Subsystem·is·Installed</ocil:title>
78	······<ocil:actions>	78	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-~~mount~~_~~opt~~ion_t~~mp_nosui~~d_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-package_audit_installed_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	80	······</ocil:actions>
81	····</ocil:questionnaire>	81	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-ke~~rnel_c~~on~~fig_~~acp~~i_cus~~tom_~~meth~~od_ocil:questionnaire:1">	82	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_backup_etc_shadow_ocil:questionnaire:1">
83	······<ocil:title>~~Do·not·allow~~·~~ACPI~~·meth~~ods·t~~o·be·ins~~erted/re~~placed·~~at·run~~·time</ocil:title>	83	······<ocil:title>Verify·User·Who·Owns·Backup·shadow·File</ocil:title>
84	······<ocil:actions>	84	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-ke~~rnel_c~~on~~fig_~~acp~~i_cus~~tom_~~meth~~od_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-file_groupowner_backup_etc_shadow_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	86	······</ocil:actions>
87	····</ocil:questionnaire>	87	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-s~~elinux~~_state_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-account_passwords_pam_faillock_dir_ocil:questionnaire:1">
89	······<ocil:title>~~Ens~~ure·SEL~~inux·Sta~~te·~~is·Enfo~~rcing</ocil:title>	89	······<ocil:title>Account·Lockouts·Must·Persist</ocil:title>
90	······<ocil:actions>	90	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-s~~elinux~~_state_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-account_passwords_pam_faillock_dir_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	92	······</ocil:actions>
93	····</ocil:questionnaire>	93	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-s~~erv~~ice_chro~~nyd~~_ena~~bled~~_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-sshd_disable_rhosts_rsa_ocil:questionnaire:1">
95	······<ocil:title>The·Chro~~nyd·~~s~~ervice~~·~~is·~~ena~~bled~~</ocil:title>	95	······<ocil:title>Disable·SSH·Support·for·Rhosts·RSA·Authentication</ocil:title>
96	······<ocil:actions>	96	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-s~~erv~~ice_chro~~nyd~~_ena~~bled~~_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-sshd_disable_rhosts_rsa_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	98	······</ocil:actions>
99	····</ocil:questionnaire>	99	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-s~~udoer~~s_no_~~command_n~~egation_ocil:questionnaire:1">	100	····<ocil:questionnaire·id="ocil:ssg-sshd_set_keepalive_ocil:questionnaire:1">
101	······<ocil:title>Don't·~~define~~·allowe~~d·comma~~n~~ds·i~~n·~~sudo~~e~~rs·by~~·~~mea~~ns·of·ex~~clusion~~</ocil:title>	101	······<ocil:title>Set·SSH·Client·Alive·Count·Max</ocil:title>
102	······<ocil:actions>	102	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-s~~udoer~~s_no_~~command_n~~egation_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-sshd_set_keepalive_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	104	······</ocil:actions>
105	····</ocil:questionnaire>	105	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-~~sshd_disa~~ble_tcp_forw~~ardi~~ng_ocil:questionnaire:1">	106	····<ocil:questionnaire·id="ocil:ssg-grub2_mce_argument_ocil:questionnaire:1">
107	······<ocil:title>~~Disabl~~e·~~SSH~~·~~TCP·F~~or~~war~~d~~ing~~</ocil:title>	107	······<ocil:title>Force·kernel·panic·on·uncorrected·MCEs</ocil:title>
108	······<ocil:actions>	108	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-~~sshd_disa~~ble_tcp_forw~~ardi~~ng_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-grub2_mce_argument_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	110	······</ocil:actions>
111	····</ocil:questionnaire>	111	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-~~no_~~netrc_files_ocil:questionnaire:1">	112	····<ocil:questionnaire·id="ocil:ssg-kernel_config_hibernation_ocil:questionnaire:1">
113	······<ocil:title>Veri~~fy·No·n~~e~~trc~~·File~~s·Ex~~ist</ocil:title>	113	······<ocil:title>Disable·hibernation</ocil:title>
114	······<ocil:actions>	114	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-~~no_~~netrc_files_action:testaction:1</ocil:test_action_ref>	115	········<ocil:test_action_ref>ocil:ssg-kernel_config_hibernation_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	116	······</ocil:actions>
117	····</ocil:questionnaire>	117	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-partition_for_~~home~~_ocil:questionnaire:1">	118	····<ocil:questionnaire·id="ocil:ssg-file_permissions_home_dirs_ocil:questionnaire:1">
119	······<ocil:title>Ensure·/home·Located·On·Separate·Par~~tition~~</ocil:title>	119	······<ocil:title>Ensure·that·User·Home·Directories·are·not·Group-Writable·or·World-Readable</ocil:title>
120	······<ocil:actions>	120	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-partition_for_~~home~~_action:testaction:1</ocil:test_action_ref>	121	········<ocil:test_action_ref>ocil:ssg-file_permissions_home_dirs_action:testaction:1</ocil:test_action_ref>
122	······</ocil:actions>	122	······</ocil:actions>
123	····</ocil:questionnaire>	123	····</ocil:questionnaire>
124	····<ocil:questionnaire·id="ocil:ssg-file_gr~~oupowner~~_etc_~~group~~_ocil:questionnaire:1">	124	····<ocil:questionnaire·id="ocil:ssg-file_permissions_etc_shadow_ocil:questionnaire:1">
125	······<ocil:title>Verify·Gr~~oup·Who~~·~~Own~~s~~·gr~~oup·File</ocil:title>	125	······<ocil:title>Verify·Permissions·on·shadow·File</ocil:title>
Max diff block lines reached; 702840/715198 bytes (98.27%) of diff not shown.


Offset 3, 4484 lines modified		Offset 3, 4484 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-sshd_use_approved_macs_ordered_stig_ocil:questionnaire:1">
11	······<ocil:title>Use·Only·FIPS·140-2·Validated·MACs</ocil:title>
12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-sshd_use_approved_macs_ordered_stig_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>
15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-~~ker~~nel_c~~onf~~i~~g_bug~~_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-sssd_offline_cred_expiration_ocil:questionnaire:1">
		11	······<ocil:title>Configure·SSSD·to·Expire·Offline·Credentials</ocil:title>
17	······<ocil:title>Enable·support·for·BUG()</ocil:title>
18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-kernel_config_bug_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>
21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-package_ntp_installed_ocil:questionnaire:1">
23	······<ocil:title>Install·the·ntp·service</ocil:title>
24	······<ocil:actions>	12	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-~~packag~~e_~~ntp~~_~~inst~~a~~lled~~_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-sssd_offline_cred_expiration_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	14	······</ocil:actions>
27	····</ocil:questionnaire>	15	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-~~file_owner_~~etc_~~gshadow~~_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-package_xinetd_removed_ocil:questionnaire:1">
29	······<ocil:title>Veri~~fy·~~User~~·Who~~·Own~~s·gsh~~a~~dow·Fil~~e</ocil:title>	17	······<ocil:title>Uninstall·xinetd·Package</ocil:title>
30	······<ocil:actions>	18	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-~~file_owner_~~etc_~~gshadow~~_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-package_xinetd_removed_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	20	······</ocil:actions>
33	····</ocil:questionnaire>	21	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-kernel_config_~~mod~~u~~le_~~si~~g_ha~~sh_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-kernel_config_security_ocil:questionnaire:1">
35	······<ocil:title>S~~pecify~~·t~~he·hash·~~to·us~~e·wh~~e~~n·sign~~ing·modules</ocil:title>	23	······<ocil:title>Enable·different·security·models</ocil:title>
36	······<ocil:actions>	24	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-kernel_config_~~mod~~u~~le_~~si~~g_ha~~sh_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-kernel_config_security_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	26	······</ocil:actions>
39	····</ocil:questionnaire>	27	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-audit_rules_dac_modification_fremovexattr_ocil:questionnaire:1">
41	······<ocil:title>~~Rec~~o~~rd·Ev~~e~~nts~~·th~~at·M~~odify~~·the·System'~~s·Discretionar~~y·Acce~~ss·~~Contro~~ls·~~-·f~~re~~mov~~exattr</ocil:title>	28	····<ocil:questionnaire·id="ocil:ssg-grub2_spec_store_bypass_disable_argument_ocil:questionnaire:1">
		29	······<ocil:title>Configure·Speculative·Store·Bypass·Mitigation</ocil:title>
42	······<ocil:actions>	30	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-au~~dit_rule~~s~~_dac~~_~~modif~~icat~~ion~~_fre~~mov~~exattr_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-grub2_spec_store_bypass_disable_argument_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	32	······</ocil:actions>
45	····</ocil:questionnaire>	33	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-kernel_config_compat_brk_ocil:questionnaire:1">
47	······<ocil:title~~>Disab~~l~~e·compatibi~~l~~ity·w~~i~~th·b~~r~~k()</~~ocil:title>	34	····<ocil:questionnaire·id="ocil:ssg-ufw_only_required_services_ocil:questionnaire:1">
		35	······<ocil:title>Only·Allow·Authorized·Network·Services·in·ufw</ocil:title>
48	······<ocil:actions>	36	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-~~ker~~nel_~~conf~~i~~g_compat_brk~~_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-ufw_only_required_services_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	38	······</ocil:actions>
51	····</ocil:questionnaire>	39	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-~~sshd_enable_~~str~~ict~~modes_ocil:questionnaire:1">	40	····<ocil:questionnaire·id="ocil:ssg-accounts_password_pam_retry_ocil:questionnaire:1">
53	······<ocil:title>En~~abl~~e·Use·of·Strict·Mode~~·Ch~~ecking</ocil:title>	41	······<ocil:title>Ensure·PAM·Enforces·Password·Requirements·-·Authentication·Retry·Prompts·Permitted·Per-Session</ocil:title>
54	······<ocil:actions>	42	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-~~sshd_enable_~~str~~ict~~modes_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-accounts_password_pam_retry_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	44	······</ocil:actions>
57	····</ocil:questionnaire>	45	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-clean_components_post_updating_ocil:questionnaire:1">
59	······<ocil:~~title>E~~nsure·a~~pt_get·Remove~~s~~·Prev~~ious·Pa~~ckage·Versions</~~ocil:title>	46	····<ocil:questionnaire·id="ocil:ssg-sshd_disable_pubkey_auth_ocil:questionnaire:1">
		47	······<ocil:title>Disable·PubkeyAuthentication·Authentication</ocil:title>
60	······<ocil:actions>	48	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-c~~lean~~_~~compon~~e~~nts~~_po~~st_upd~~at~~ing~~_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-sshd_disable_pubkey_auth_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	50	······</ocil:actions>
63	····</ocil:questionnaire>	51	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-~~file~~_pe~~rmissions~~_~~libr~~ary_dirs_ocil:questionnaire:1">	52	····<ocil:questionnaire·id="ocil:ssg-sshd_enable_x11_forwarding_ocil:questionnaire:1">
65	······<ocil:title>~~Verify·~~tha~~t·Sh~~ared·Li~~bra~~ry·Files·H~~ave~~·Restr~~ictive·~~Per~~mis~~sions</ocil:title>	53	······<ocil:title>Enable·Encrypted·X11·Forwarding</ocil:title>
66	······<ocil:actions>	54	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-~~file~~_pe~~rmissions~~_~~libr~~ary_dirs_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-sshd_enable_x11_forwarding_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	56	······</ocil:actions>
69	····</ocil:questionnaire>	57	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-sysctl_net_~~ipv4_co~~nf_a~~ll_log_~~mart~~ian~~s_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-display_login_attempts_ocil:questionnaire:1">
71	······<ocil:title>En~~abl~~e·K~~ernel·Par~~a~~meter·~~to·Log~~·Marti~~an·Packets·on·~~all·IPv4·In~~t~~erfaces~~</ocil:title>	59	······<ocil:title>Ensure·PAM·Displays·Last·Logon/Access·Notification</ocil:title>
72	······<ocil:actions>	60	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-sysctl_net_~~ipv4_co~~nf_a~~ll_log_~~mart~~ian~~s_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-display_login_attempts_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	62	······</ocil:actions>
75	····</ocil:questionnaire>	63	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-acco~~unts~~_umask_etc_~~bashrc~~_ocil:questionnaire:1">	64	····<ocil:questionnaire·id="ocil:ssg-package_rsync_removed_ocil:questionnaire:1">
77	······<ocil:title>Ensu~~re·~~t~~he·Def~~aul~~t·Bas~~h·Umask~~·is~~·Se~~t·Corr~~e~~ctly~~</ocil:title>	65	······<ocil:title>Uninstall·rsync·Package</ocil:title>
78	······<ocil:actions>	66	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-acco~~unts~~_umask_etc_~~bashrc~~_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-package_rsync_removed_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	68	······</ocil:actions>
81	····</ocil:questionnaire>	69	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_gpasswd_ocil:questionnaire:1">
83	······<ocil:~~title>E~~nsure·~~aud~~itd·Col~~lect~~s~~·In~~f~~ormat~~i~~on·~~o~~n·the·~~Use·~~of·P~~rivileged~~·Commands·-·gpas~~swd</o~~cil:title~~>	70	····<ocil:questionnaire·id="ocil:ssg-file_owner_var_log_syslog_ocil:questionnaire:1">
		71	······<ocil:title>Verify·User·Who·Owns·/var/log/syslog·File</ocil:title>
84	······<ocil:actions>	72	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-audi~~t_ru~~les_~~privileg~~ed_c~~ommands~~_gpas~~swd~~_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-file_owner_var_log_syslog_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	74	······</ocil:actions>
87	····</ocil:questionnaire>	75	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-partit~~ion_for_var~~_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-encrypt_partitions_ocil:questionnaire:1">
89	······<ocil:title>En~~sure·/var·Lo~~c~~ated·On·~~Sep~~ara~~te·Partition</ocil:title>	77	······<ocil:title>Encrypt·Partitions</ocil:title>
90	······<ocil:actions>	78	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-partit~~ion_for_var~~_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-encrypt_partitions_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	80	······</ocil:actions>
93	····</ocil:questionnaire>	81	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-service_auditd_enabled_ocil:questionnaire:1">
95	······<ocil:titl~~e>Enab~~le·auditd·Se~~rvice</~~ocil:title>	82	····<ocil:questionnaire·id="ocil:ssg-policy_temp_passwords_immediate_change_ocil:questionnaire:1">
		83	······<ocil:title>Policy·Requires·Immediate·Change·of·Temporary·Passwords</ocil:title>
96	······<ocil:actions>	84	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-s~~erv~~ice_auditd_enabled_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-policy_temp_passwords_immediate_change_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	86	······</ocil:actions>
99	····</ocil:questionnaire>	87	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-chro~~nyd~~_~~syn~~c~~_clock~~_ocil:questionnaire:1">	88	····<ocil:questionnaire·id="ocil:ssg-sshd_set_login_grace_time_ocil:questionnaire:1">
101	······<ocil:title>Synchr~~oniz~~e·in~~ternal·~~in~~format~~ion·~~system·clocks~~</ocil:title>	89	······<ocil:title>Ensure·SSH·LoginGraceTime·is·configured</ocil:title>
102	······<ocil:actions>	90	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-chro~~nyd~~_~~syn~~c~~_clock~~_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-sshd_set_login_grace_time_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	92	······</ocil:actions>
105	····</ocil:questionnaire>	93	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-package_pam_pwquality_installed_ocil:questionnaire:1">
107	······<ocil:title~~>Insta~~l~~l·pam_pwquality·Pack~~age</ocil:title>	94	····<ocil:questionnaire·id="ocil:ssg-sudoers_no_root_target_ocil:questionnaire:1">
		95	······<ocil:title>Don't·target·root·user·in·the·sudoers·file</ocil:title>
108	······<ocil:actions>	96	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-pa~~ckag~~e_pam_p~~wquali~~ty_~~ins~~talled_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-sudoers_no_root_target_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	98	······</ocil:actions>
111	····</ocil:questionnaire>	99	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-service_cups_disabled_ocil:questionnaire:1">
113	······<ocil:title>Disable~~·th~~e~~·CUPS·S~~ervice</ocil:title>	100	····<ocil:questionnaire·id="ocil:ssg-audit_rules_unsuccessful_file_modification_open_by_handle_at_ocil:questionnaire:1">
		101	······<ocil:title>Record·Unsuccessful·Access·Attempts·to·Files·-·open_by_handle_at</ocil:title>
114	······<ocil:actions>	102	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-service_cups_~~dis~~abled_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-audit_rules_unsuccessful_file_modification_open_by_handle_at_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	104	······</ocil:actions>
117	····</ocil:questionnaire>	105	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-~~ssh~~d_~~disable~~_compres~~sion~~_ocil:questionnaire:1">	106	····<ocil:questionnaire·id="ocil:ssg-chronyd_specify_remote_server_ocil:questionnaire:1">
119	······<ocil:title>~~Disabl~~e·Compressi~~on·O~~r·~~Set~~·Compr~~ession~~·to~~·delay~~ed</ocil:title>	107	······<ocil:title>A·remote·time·server·for·Chrony·is·configured</ocil:title>
120	······<ocil:actions>	108	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-~~ssh~~d_~~disable~~_compres~~sion~~_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-chronyd_specify_remote_server_action:testaction:1</ocil:test_action_ref>
Max diff block lines reached; 1367710/1379357 bytes (99.16%) of diff not shown.


Offset 3, 6672 lines modified		Offset 3, 6672 lines modified
3	··<ocil:generator>	3	··<ocil:generator>
4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>	4	····<ocil:product_name>build_shorthand.py·from·SCAP·Security·Guide</ocil:product_name>
5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>	5	····<ocil:product_version>ssg:·0.1.74</ocil:product_version>
6	····<ocil:schema_version>2.0</ocil:schema_version>	6	····<ocil:schema_version>2.0</ocil:schema_version>
7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>	7	····<ocil:timestamp>2024-11-02T18:39:34</ocil:timestamp>
8	··</ocil:generator>	8	··</ocil:generator>
9	··<ocil:questionnaires>	9	··<ocil:questionnaires>
10	····<ocil:questionnaire·id="ocil:ssg-~~account~~s~~_uma~~sk_etc_bas~~hrc~~_ocil:questionnaire:1">	10	····<ocil:questionnaire·id="ocil:ssg-file_permissions_etc_issue_ocil:questionnaire:1">
11	······<ocil:title>~~Ensu~~re~~·the~~·De~~fault·Ba~~sh·~~Uma~~sk·~~is·S~~et·Co~~rrectly~~</ocil:title>	11	······<ocil:title>Verify·permissions·on·System·Login·Banner</ocil:title>
12	······<ocil:actions>	12	······<ocil:actions>
13	········<ocil:test_action_ref>ocil:ssg-~~account~~s~~_uma~~sk_etc_bas~~hrc~~_action:testaction:1</ocil:test_action_ref>	13	········<ocil:test_action_ref>ocil:ssg-file_permissions_etc_issue_action:testaction:1</ocil:test_action_ref>
14	······</ocil:actions>	14	······</ocil:actions>
15	····</ocil:questionnaire>	15	····</ocil:questionnaire>
16	····<ocil:questionnaire·id="ocil:ssg-audi~~t_ru~~les_ne~~tworkconf~~ig_modi~~fic~~ation_ocil:questionnaire:1">	16	····<ocil:questionnaire·id="ocil:ssg-file_ownership_audit_configuration_ocil:questionnaire:1">
17	······<ocil:title>R~~ecord~~·Even~~ts·th~~at·Mod~~ify·the~~·Syste~~m's~~·Netw~~ork~~·E~~nvir~~o~~nme~~nt</ocil:title>	17	······<ocil:title>Audit·Configuration·Files·Must·Be·Owned·By·Root</ocil:title>
18	······<ocil:actions>	18	······<ocil:actions>
19	········<ocil:test_action_ref>ocil:ssg-audi~~t_ru~~les_ne~~tworkconf~~ig_modi~~fic~~ation_action:testaction:1</ocil:test_action_ref>	19	········<ocil:test_action_ref>ocil:ssg-file_ownership_audit_configuration_action:testaction:1</ocil:test_action_ref>
20	······</ocil:actions>	20	······</ocil:actions>
21	····</ocil:questionnaire>	21	····</ocil:questionnaire>
22	····<ocil:questionnaire·id="ocil:ssg-~~fil~~e_owner_g~~rub2_cfg~~_ocil:questionnaire:1">	22	····<ocil:questionnaire·id="ocil:ssg-kernel_config_devkmem_ocil:questionnaire:1">
23	······<ocil:title>~~Verify~~·/~~boot/grub/g~~ru~~b.cfg·Us~~er·Ow~~nership~~</ocil:title>	23	······<ocil:title>Disable·/dev/kmem·virtual·device·support</ocil:title>
24	······<ocil:actions>	24	······<ocil:actions>
25	········<ocil:test_action_ref>ocil:ssg-~~fil~~e_owner_g~~rub2_cfg~~_action:testaction:1</ocil:test_action_ref>	25	········<ocil:test_action_ref>ocil:ssg-kernel_config_devkmem_action:testaction:1</ocil:test_action_ref>
26	······</ocil:actions>	26	······</ocil:actions>
27	····</ocil:questionnaire>	27	····</ocil:questionnaire>
28	····<ocil:questionnaire·id="ocil:ssg-~~ker~~nel_con~~fig_p~~age_~~poi~~soning_zero_ocil:questionnaire:1">	28	····<ocil:questionnaire·id="ocil:ssg-accounts_minimum_age_login_defs_ocil:questionnaire:1">
29	······<ocil:title>~~Use·~~ze~~ro·fo~~r·pois~~oning·in~~s~~tea~~d·o~~f·deb~~u~~ggin~~g·value</ocil:title>	29	······<ocil:title>Set·Password·Minimum·Age</ocil:title>
30	······<ocil:actions>	30	······<ocil:actions>
31	········<ocil:test_action_ref>ocil:ssg-~~ker~~nel_con~~fig_p~~age_~~poi~~soning_zero_action:testaction:1</ocil:test_action_ref>	31	········<ocil:test_action_ref>ocil:ssg-accounts_minimum_age_login_defs_action:testaction:1</ocil:test_action_ref>
32	······</ocil:actions>	32	······</ocil:actions>
33	····</ocil:questionnaire>	33	····</ocil:questionnaire>
34	····<ocil:questionnaire·id="ocil:ssg-chronyd_sync_clock_ocil:questionnaire:1">
35	······<ocil:~~title>Sy~~nchroni~~ze·~~i~~nternal·info~~rmation~~·system·~~c~~locks</~~ocil:title>	34	····<ocil:questionnaire·id="ocil:ssg-file_permissions_backup_etc_group_ocil:questionnaire:1">
		35	······<ocil:title>Verify·Permissions·on·Backup·group·File</ocil:title>
36	······<ocil:actions>	36	······<ocil:actions>
37	········<ocil:test_action_ref>ocil:ssg-chron~~yd_syn~~c_clock_action:testaction:1</ocil:test_action_ref>	37	········<ocil:test_action_ref>ocil:ssg-file_permissions_backup_etc_group_action:testaction:1</ocil:test_action_ref>
38	······</ocil:actions>	38	······</ocil:actions>
39	····</ocil:questionnaire>	39	····</ocil:questionnaire>
40	····<ocil:questionnaire·id="ocil:ssg-accounts_passwords_pam_faillock_deny_ocil:questionnaire:1">
41	······<ocil:ti~~tle>Lock·Acc~~o~~unts·Afte~~r~~·Failed·Password·A~~t~~tempts</~~ocil:title>	40	····<ocil:questionnaire·id="ocil:ssg-grub2_nosmap_argument_absent_ocil:questionnaire:1">
		41	······<ocil:title>Ensure·SMAP·is·not·disabled·during·boot</ocil:title>
42	······<ocil:actions>	42	······<ocil:actions>
43	········<ocil:test_action_ref>ocil:ssg-accounts_passwo~~rds~~_pam~~_faillock_d~~eny_action:testaction:1</ocil:test_action_ref>	43	········<ocil:test_action_ref>ocil:ssg-grub2_nosmap_argument_absent_action:testaction:1</ocil:test_action_ref>
44	······</ocil:actions>	44	······</ocil:actions>
45	····</ocil:questionnaire>	45	····</ocil:questionnaire>
46	····<ocil:questionnaire·id="ocil:ssg-~~grub2~~_~~disab~~le~~_re~~co~~very~~_ocil:questionnaire:1">	46	····<ocil:questionnaire·id="ocil:ssg-audit_privileged_commands_shutdown_ocil:questionnaire:1">
47	······<ocil:title>Disable·Recovery·Boot~~ing~~</ocil:title>	47	······<ocil:title>Ensure·auditd·Collects·Information·on·the·Use·of·Privileged·Commands·-·shutdown</ocil:title>
48	······<ocil:actions>	48	······<ocil:actions>
49	········<ocil:test_action_ref>ocil:ssg-~~grub2~~_~~disab~~le~~_re~~co~~very~~_action:testaction:1</ocil:test_action_ref>	49	········<ocil:test_action_ref>ocil:ssg-audit_privileged_commands_shutdown_action:testaction:1</ocil:test_action_ref>
50	······</ocil:actions>	50	······</ocil:actions>
51	····</ocil:questionnaire>	51	····</ocil:questionnaire>
52	····<ocil:questionnaire·id="ocil:ssg-file_groupowner_cron_weekly_ocil:questionnaire:1">
53	······<ocil:title~~>Ver~~i~~fy·G~~roup~~·Who·Owns·~~cron~~.weekly</~~ocil:title>	52	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_postdrop_ocil:questionnaire:1">
		53	······<ocil:title>Ensure·auditd·Collects·Information·on·the·Use·of·Privileged·Commands·-·postdrop</ocil:title>
54	······<ocil:actions>	54	······<ocil:actions>
55	········<ocil:test_action_ref>ocil:ssg-file_gr~~oupown~~er_cron_~~weekly~~_action:testaction:1</ocil:test_action_ref>	55	········<ocil:test_action_ref>ocil:ssg-audit_rules_privileged_commands_postdrop_action:testaction:1</ocil:test_action_ref>
56	······</ocil:actions>	56	······</ocil:actions>
57	····</ocil:questionnaire>	57	····</ocil:questionnaire>
58	····<ocil:questionnaire·id="ocil:ssg-~~file~~_~~owne~~r_c~~ron~~_h~~our~~ly_ocil:questionnaire:1">	58	····<ocil:questionnaire·id="ocil:ssg-sysctl_fs_protected_hardlinks_ocil:questionnaire:1">
59	······<ocil:title>Ver~~ify~~·~~Own~~er·on·cron~~.hour~~ly</ocil:title>	59	······<ocil:title>Enable·Kernel·Parameter·to·Enforce·DAC·on·Hardlinks</ocil:title>
60	······<ocil:actions>	60	······<ocil:actions>
61	········<ocil:test_action_ref>ocil:ssg-~~file~~_~~owne~~r_c~~ron~~_h~~our~~ly_action:testaction:1</ocil:test_action_ref>	61	········<ocil:test_action_ref>ocil:ssg-sysctl_fs_protected_hardlinks_action:testaction:1</ocil:test_action_ref>
62	······</ocil:actions>	62	······</ocil:actions>
63	····</ocil:questionnaire>	63	····</ocil:questionnaire>
64	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_usermod_ocil:questionnaire:1">
65	······<ocil:~~title>E~~nsure·~~aud~~itd·Col~~lect~~s·~~Informa~~t~~ion~~·on·t~~he·Use·~~of~~·Privi~~l~~eged·Comm~~a~~nds·-·us~~e~~rmod</~~o~~cil:title~~>	64	····<ocil:questionnaire·id="ocil:ssg-sysctl_net_ipv6_conf_default_accept_ra_ocil:questionnaire:1">
		65	······<ocil:title>Disable·Accepting·Router·Advertisements·on·all·IPv6·Interfaces·by·Default</ocil:title>
66	······<ocil:actions>	66	······<ocil:actions>
67	········<ocil:test_action_ref>ocil:ssg-~~audi~~t_~~rul~~es_priv~~ileged~~_c~~omm~~a~~nds~~_use~~rmod~~_action:testaction:1</ocil:test_action_ref>	67	········<ocil:test_action_ref>ocil:ssg-sysctl_net_ipv6_conf_default_accept_ra_action:testaction:1</ocil:test_action_ref>
68	······</ocil:actions>	68	······</ocil:actions>
69	····</ocil:questionnaire>	69	····</ocil:questionnaire>
70	····<ocil:questionnaire·id="ocil:ssg-sshd_~~set_k~~eepalive_0_ocil:questionnaire:1">	70	····<ocil:questionnaire·id="ocil:ssg-sshd_enable_warning_banner_net_ocil:questionnaire:1">
71	······<ocil:title>~~Set~~·SSH·C~~lie~~n~~t·Al~~i~~ve·Cou~~nt·Ma~~x·to~~·zero</ocil:title>	71	······<ocil:title>Enable·SSH·Warning·Banner</ocil:title>
72	······<ocil:actions>	72	······<ocil:actions>
73	········<ocil:test_action_ref>ocil:ssg-sshd_~~set_k~~eepalive_0_action:testaction:1</ocil:test_action_ref>	73	········<ocil:test_action_ref>ocil:ssg-sshd_enable_warning_banner_net_action:testaction:1</ocil:test_action_ref>
74	······</ocil:actions>	74	······</ocil:actions>
75	····</ocil:questionnaire>	75	····</ocil:questionnaire>
76	····<ocil:questionnaire·id="ocil:ssg-p~~ackage~~_u~~fw_rem~~oved_ocil:questionnaire:1">	76	····<ocil:questionnaire·id="ocil:ssg-file_permissions_ungroupowned_ocil:questionnaire:1">
77	······<ocil:title>Re~~mov~~e·ufw·Pa~~ckage~~</ocil:title>	77	······<ocil:title>Ensure·All·Files·Are·Owned·by·a·Group</ocil:title>
78	······<ocil:actions>	78	······<ocil:actions>
79	········<ocil:test_action_ref>ocil:ssg-p~~ackage~~_u~~fw_rem~~oved_action:testaction:1</ocil:test_action_ref>	79	········<ocil:test_action_ref>ocil:ssg-file_permissions_ungroupowned_action:testaction:1</ocil:test_action_ref>
80	······</ocil:actions>	80	······</ocil:actions>
81	····</ocil:questionnaire>	81	····</ocil:questionnaire>
82	····<ocil:questionnaire·id="ocil:ssg-banner_etc_issue_ocil:questionnaire:1">
83	······<ocil:title>Modif~~y·the·Sy~~st~~em·Log~~in~~·Ba~~nner</ocil:title>	82	····<ocil:questionnaire·id="ocil:ssg-postfix_client_configure_relayhost_ocil:questionnaire:1">
		83	······<ocil:title>Configure·System·to·Forward·All·Mail·through·a·specific·host</ocil:title>
84	······<ocil:actions>	84	······<ocil:actions>
85	········<ocil:test_action_ref>ocil:ssg-~~banner~~_etc_i~~ssu~~e_action:testaction:1</ocil:test_action_ref>	85	········<ocil:test_action_ref>ocil:ssg-postfix_client_configure_relayhost_action:testaction:1</ocil:test_action_ref>
86	······</ocil:actions>	86	······</ocil:actions>
87	····</ocil:questionnaire>	87	····</ocil:questionnaire>
88	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_unix_update_ocil:questionnaire:1">
89	······<ocil:~~title>E~~nsure·~~aud~~itd·Col~~lect~~s~~·In~~f~~ormat~~i~~on·on·t~~he·Use~~·of·P~~rivi~~leged·C~~o~~mma~~nds·-·unix_~~upd~~ate</ocil:title>	88	····<ocil:questionnaire·id="ocil:ssg-file_permissions_audit_binaries_ocil:questionnaire:1">
		89	······<ocil:title>Verify·that·audit·tools·Have·Mode·0755·or·less</ocil:title>
90	······<ocil:actions>	90	······<ocil:actions>
91	········<ocil:test_action_ref>ocil:ssg-audi~~t_ru~~les_p~~riv~~i~~leged_c~~o~~mma~~nds_unix_~~upd~~ate_action:testaction:1</ocil:test_action_ref>	91	········<ocil:test_action_ref>ocil:ssg-file_permissions_audit_binaries_action:testaction:1</ocil:test_action_ref>
92	······</ocil:actions>	92	······</ocil:actions>
93	····</ocil:questionnaire>	93	····</ocil:questionnaire>
94	····<ocil:questionnaire·id="ocil:ssg-kernel~~_conf~~ig_s~~ecurity~~_ocil:questionnaire:1">	94	····<ocil:questionnaire·id="ocil:ssg-package_openldap-clients_removed_ocil:questionnaire:1">
95	······<ocil:title>En~~abl~~e·~~differ~~ent·s~~ecur~~i~~ty·mod~~els</ocil:title>	95	······<ocil:title>Ensure·LDAP·client·is·not·installed</ocil:title>
96	······<ocil:actions>	96	······<ocil:actions>
97	········<ocil:test_action_ref>ocil:ssg-kernel~~_conf~~ig_s~~ecurity~~_action:testaction:1</ocil:test_action_ref>	97	········<ocil:test_action_ref>ocil:ssg-package_openldap-clients_removed_action:testaction:1</ocil:test_action_ref>
98	······</ocil:actions>	98	······</ocil:actions>
99	····</ocil:questionnaire>	99	····</ocil:questionnaire>
100	····<ocil:questionnaire·id="ocil:ssg-~~auditd_d~~ata_~~retention_~~n~~um_~~l~~ogs~~_ocil:questionnaire:1">	100	····<ocil:questionnaire·id="ocil:ssg-package_syslogng_installed_ocil:questionnaire:1">
101	······<ocil:title>Configure·~~auditd·Number~~·of·Logs~~·Re~~tained</ocil:title>	101	······<ocil:title>Ensure·syslog-ng·is·Installed</ocil:title>
102	······<ocil:actions>	102	······<ocil:actions>
103	········<ocil:test_action_ref>ocil:ssg-~~auditd_d~~ata_~~retention_~~n~~um_~~l~~ogs~~_action:testaction:1</ocil:test_action_ref>	103	········<ocil:test_action_ref>ocil:ssg-package_syslogng_installed_action:testaction:1</ocil:test_action_ref>
104	······</ocil:actions>	104	······</ocil:actions>
105	····</ocil:questionnaire>	105	····</ocil:questionnaire>
106	····<ocil:questionnaire·id="ocil:ssg-a~~cco~~unts_p~~asswor~~d_pam_~~ocre~~dit_ocil:questionnaire:1">	106	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_unix_update_ocil:questionnaire:1">
107	······<ocil:title>Ensure·~~PAM~~·~~Enfor~~ces·~~Password·Requirem~~ents·-·Mini~~mum~~·~~Special~~·~~Characters~~</ocil:title>	107	······<ocil:title>Ensure·auditd·Collects·Information·on·the·Use·of·Privileged·Commands·-·unix_update</ocil:title>
108	······<ocil:actions>	108	······<ocil:actions>
109	········<ocil:test_action_ref>ocil:ssg-a~~cco~~unts_p~~asswor~~d_pam_~~ocre~~dit_action:testaction:1</ocil:test_action_ref>	109	········<ocil:test_action_ref>ocil:ssg-audit_rules_privileged_commands_unix_update_action:testaction:1</ocil:test_action_ref>
110	······</ocil:actions>	110	······</ocil:actions>
111	····</ocil:questionnaire>	111	····</ocil:questionnaire>
112	····<ocil:questionnaire·id="ocil:ssg-mount_option_var_log_noexec_ocil:questionnaire:1">
113	······<ocil:title>Add~~·noex~~e~~c·Opt~~i~~on·t~~o~~·/var/lo~~g</ocil:title>	112	····<ocil:questionnaire·id="ocil:ssg-audit_rules_privileged_commands_newgidmap_ocil:questionnaire:1">
		113	······<ocil:title>Ensure·auditd·Collects·Information·on·the·Use·of·Privileged·Commands·-·newgidmap</ocil:title>
114	······<ocil:actions>	114	······<ocil:actions>
115	········<ocil:test_action_ref>ocil:ssg-~~moun~~t_opti~~on_var~~_log_n~~oexec~~_action:testaction:1</ocil:test_action_ref>	115	········<ocil:test_action_ref>ocil:ssg-audit_rules_privileged_commands_newgidmap_action:testaction:1</ocil:test_action_ref>
116	······</ocil:actions>	116	······</ocil:actions>
117	····</ocil:questionnaire>	117	····</ocil:questionnaire>
118	····<ocil:questionnaire·id="ocil:ssg-kernel_config_page_poisoning_no_sanity_ocil:questionnaire:1">
119	······<ocil:~~title>E~~nable·pois~~on·w~~i~~tho~~u~~t·sani~~t~~y·ch~~e~~ck<~~/ocil:title>	118	····<ocil:questionnaire·id="ocil:ssg-aide_build_database_ocil:questionnaire:1">
		119	······<ocil:title>Build·and·Test·AIDE·Database</ocil:title>
120	······<ocil:actions>	120	······<ocil:actions>
121	········<ocil:test_action_ref>ocil:ssg-~~kernel_con~~fi~~g_pa~~ge_~~pois~~oning_n~~o_s~~a~~nity~~_action:testaction:1</ocil:test_action_ref>	121	········<ocil:test_action_ref>ocil:ssg-aide_build_database_action:testaction:1</ocil:test_action_ref>
Max diff block lines reached; 1424316/1436806 bytes (99.13%) of diff not shown.


Offset 14284, 15 lines modified		Offset 14284, 15 lines modified
00037cb0:·4869·7374·6f72·793c·2f68·323e·3c70·3e43··History</h2><p>C		00037cb0:·4869·7374·6f72·793c·2f68·323e·3c70·3e43··History</h2><p>C
00037cc0:·7572·7265·6e74·2076·6572·7369·6f6e·3a20··urrent·version:·		00037cc0:·7572·7265·6e74·2076·6572·7369·6f6e·3a20··urrent·version:·
00037cd0:·3c73·7472·6f6e·673e·302e·312e·3734·3c2f··<strong>0.1.74</		00037cd0:·3c73·7472·6f6e·673e·302e·312e·3734·3c2f··<strong>0.1.74</
00037ce0:·7374·726f·6e67·3e3c·2f70·3e3c·756c·3e3c··strong></p><ul><		00037ce0:·7374·726f·6e67·3e3c·2f70·3e3c·756c·3e3c··strong></p><ul><
00037cf0:·6c69·3e3c·7374·726f·6e67·3e64·7261·6674··li><strong>draft		00037cf0:·6c69·3e3c·7374·726f·6e67·3e64·7261·6674··li><strong>draft
00037d00:·3c2f·7374·726f·6e67·3e0a·2020·2020·2020··</strong>.······		00037d00:·3c2f·7374·726f·6e67·3e0a·2020·2020·2020··</strong>.······
00037d10:·2020·2020·2020·2020·2020·2020·2020·2861················(a		00037d10:·2020·2020·2020·2020·2020·2020·2020·2861················(a
00037d20:·7320·6f66·2032·3032·362d·3031·2d30·3829··s·of·2026-01-08)		00037d20:·7320·6f66·2032·3032·342d·3132·2d30·3729··s·of·2024-12-07)
00037d30:·0a20·2020·2020·2020·2020·2020·2020·2020··.···············		00037d30:·0a20·2020·2020·2020·2020·2020·2020·2020··.···············
00037d40:·203c·2f6c·693e·3c2f·756c·3e3c·2f64·6976···</li></ul></div		00037d40:·203c·2f6c·693e·3c2f·756c·3e3c·2f64·6976···</li></ul></div
00037d50:·3e3c·6832·3e54·6162·6c65·206f·6620·436f··><h2>Table·of·Co		00037d50:·3e3c·6832·3e54·6162·6c65·206f·6620·436f··><h2>Table·of·Co
00037d60:·6e74·656e·7473·3c2f·6832·3e3c·6f6c·3e3c··ntents</h2><ol><		00037d60:·6e74·656e·7473·3c2f·6832·3e3c·6f6c·3e3c··ntents</h2><ol><
00037d70:·6c69·3e3c·6120·6872·6566·3d22·2378·6363··li><a·href="#xcc		00037d70:·6c69·3e3c·6120·6872·6566·3d22·2378·6363··li><a·href="#xcc
00037d80:·6466·5f6f·7267·2e73·7367·7072·6f6a·6563··df_org.ssgprojec		00037d80:·6466·5f6f·7267·2e73·7367·7072·6f6a·6563··df_org.ssgprojec
00037d90:·742e·636f·6e74·656e·745f·6772·6f75·705f··t.content_group_		00037d90:·742e·636f·6e74·656e·745f·6772·6f75·705f··t.content_group_
Offset 16001, 146 lines modified		Offset 16001, 146 lines modified
0003e800:·6172·6765·743d·2223·6964·6d31·3934·3022··arget="#idm1940"		0003e800:·6172·6765·743d·2223·6964·6d31·3934·3022··arget="#idm1940"
0003e810:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro		0003e810:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro
0003e820:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria		0003e820:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria
0003e830:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false		0003e830:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false
0003e840:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat		0003e840:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat
0003e850:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre		0003e850:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre
0003e860:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati		0003e860:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati
0003e870:·6f6e·2053·6865·6c6c·2073·6372·6970·7420··on·Shell·script·
0003e880:·e287·b23c·2f61·3e3c·6272·3e3c·6469·7620··...</a><br><div·
0003e890:·636c·6173·733d·2270·616e·656c·2d63·6f6c··class="panel-col
0003e8a0:·6c61·7073·6520·636f·6c6c·6170·7365·2220··lapse·collapse"·
0003e8b0:·6964·3d22·6964·6d31·3934·3022·3e3c·7461··id="idm1940"><ta
0003e8c0:·626c·6520·636c·6173·733d·2274·6162·6c65··ble·class="table
0003e8d0:·2074·6162·6c65·2d73·7472·6970·6564·2074···table-striped·t
0003e8e0:·6162·6c65·2d62·6f72·6465·7265·6420·7461··able-bordered·ta
0003e8f0:·626c·652d·636f·6e64·656e·7365·6422·3e3c··ble-condensed"><
0003e900:·7472·3e3c·7468·3e43·6f6d·706c·6578·6974··tr><th>Complexit
0003e910:·793a·3c2f·7468·3e3c·7464·3e6c·6f77·3c2f··y:</th><td>low</
0003e920:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
0003e930:·4469·7372·7570·7469·6f6e·3a3c·2f74·683e··Disruption:</th>
0003e940:·3c74·643e·6c6f·773c·2f74·643e·3c2f·7472··<td>low</td></tr
0003e950:·3e3c·7472·3e3c·7468·3e52·6562·6f6f·743a··><tr><th>Reboot:
0003e960:·3c2f·7468·3e3c·7464·3e66·616c·7365·3c2f··</th><td>false</
0003e970:·7464·3e3c·2f74·723e·3c74·723e·3c74·683e··td></tr><tr><th>
0003e980:·5374·7261·7465·6779·3a3c·2f74·683e·3c74··Strategy:</th><t
0003e990:·643e·7265·7374·7269·6374·3c2f·7464·3e3c··d>restrict</td><
0003e9a0:·2f74·723e·3c2f·7461·626c·653e·3c70·7265··/tr></table><pre
0003e9b0:·3e3c·636f·6465·3e0a·666f·7220·6620·696e··><code>.for·f·in
0003e9c0:·202f·6574·632f·7375·646f·6572·7320·2f65···/etc/sudoers·/e
0003e9d0:·7463·2f73·7564·6f65·7273·2e64·2f2a·203b··tc/sudoers.d/*·;
0003e9e0:·2064·6f0a·2020·6966·205b·2021·202d·6520···do.··if·[·!·-e·
0003e9f0:·2224·6622·205d·203b·2074·6865·6e0a·2020··"$f"·]·;·then.··
0003ea00:·2020·636f·6e74·696e·7565·0a20·2066·690a····continue.··fi.
0003ea10:·2020·6d61·7463·6869·6e67·5f6c·6973·743d····matching_list=
0003ea20:·2428·6772·6570·202d·5020·275e·283f·2123··$(grep·-P·'^(?!#
0003ea30:·292e·2a5b·5c73·5d2b·5c21·6175·7468·656e··).*[\s]+\!authen
0003ea40:·7469·6361·7465·2e2a·2427·2024·6620·7c20··ticate.*$'·$f·\|·
0003ea50:·756e·6971·2029·0a20·2069·6620·2120·7465··uniq·).··if·!·te
0003ea60:·7374·202d·7a20·2224·6d61·7463·6869·6e67··st·-z·"$matching
0003ea70:·5f6c·6973·7422·3b20·7468·656e·0a20·2020··_list";·then.···
0003ea80:·2077·6869·6c65·2049·4653·3d20·7265·6164···while·IFS=·read
0003ea90:·202d·7220·656e·7472·793b·2064·6f0a·2020···-r·entry;·do.··
0003eaa0:·2020·2020·2320·636f·6d6d·656e·7420·6f75······#·comment·ou
0003eab0:·7420·2221·6175·7468·656e·7469·6361·7465··t·"!authenticate
0003eac0:·2220·6d61·7463·6865·7320·746f·2070·7265··"·matches·to·pre
0003ead0:·7365·7276·6520·7573·6572·2064·6174·610a··serve·user·data.
0003eae0:·2020·2020·2020·7365·6420·2d69·2022·732f········sed·-i·"s/
0003eaf0:·5e24·7b65·6e74·7279·7d24·2f23·2026·616d··^${entry}$/#·&am
0003eb00:·703b·2f67·2220·2466·0a20·2020·2064·6f6e··p;/g"·$f.····don
0003eb10:·6520·266c·743b·266c·743b·266c·743b·2022··e·<<<·"
0003eb20:·246d·6174·6368·696e·675f·6c69·7374·220a··$matching_list".
0003eb30:·0a20·2020·202f·7573·722f·7362·696e·2f76··.····/usr/sbin/v
0003eb40:·6973·7564·6f20·2d63·6620·2466·2026·616d··isudo·-cf·$f·&am
0003eb50:·703b·2667·743b·202f·6465·762f·6e75·6c6c··p;>·/dev/null
0003eb60:·207c·7c20·6563·686f·2022·4661·696c·2074···\|\|·echo·"Fail·t
0003eb70:·6f20·7661·6c69·6461·7465·2024·6620·7769··o·validate·$f·wi
0003eb80:·7468·2076·6973·7564·6f22·0a20·2066·690a··th·visudo".··fi.
0003eb90:·646f·6e65·0a3c·2f63·6f64·653e·3c2f·7072··done.</code></pr
0003eba0:·653e·3c2f·6469·763e·3c61·2063·6c61·7373··e></div><a·class
0003ebb0:·3d22·6274·6e20·6274·6e2d·7375·6363·6573··="btn·btn-succes
0003ebc0:·7322·2064·6174·612d·746f·6767·6c65·3d22··s"·data-toggle="
0003ebd0:·636f·6c6c·6170·7365·2220·6461·7461·2d74··collapse"·data-t
0003ebe0:·6172·6765·743d·2223·6964·6d31·3934·3122··arget="#idm1941"
0003ebf0:·2074·6162·696e·6465·783d·2230·2220·726f···tabindex="0"·ro
0003ec00:·6c65·3d22·6275·7474·6f6e·2220·6172·6961··le="button"·aria
0003ec10:·2d65·7870·616e·6465·643d·2266·616c·7365··-expanded="false
0003ec20:·2220·7469·746c·653d·2241·6374·6976·6174··"·title="Activat
0003ec30:·6520·746f·2072·6576·6561·6c22·2068·7265··e·to·reveal"·hre
0003ec40:·663d·2223·2122·3e52·656d·6564·6961·7469··f="#!">Remediati
0003ec50:·6f6e·2041·6e73·6962·6c65·2073·6e69·7070··on·Ansible·snipp		0003e870:·6f6e·2041·6e73·6962·6c65·2073·6e69·7070··on·Ansible·snipp
0003ec60:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d		0003e880:·6574·20e2·87b2·3c2f·613e·3c62·723e·3c64··et·...</a><br><d
0003ec70:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-		0003e890:·6976·2063·6c61·7373·3d22·7061·6e65·6c2d··iv·class="panel-
0003ec80:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps		0003e8a0:·636f·6c6c·6170·7365·2063·6f6c·6c61·7073··collapse·collaps
0003ec90:·6522·2069·643d·2269·646d·3139·3431·223e··e"·id="idm1941">		0003e8b0:·6522·2069·643d·2269·646d·3139·3430·223e··e"·id="idm1940">
0003eca0:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta		0003e8c0:·3c74·6162·6c65·2063·6c61·7373·3d22·7461··<table·class="ta
0003ecb0:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe		0003e8d0:·626c·6520·7461·626c·652d·7374·7269·7065··ble·table-stripe
0003ecc0:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered		0003e8e0:·6420·7461·626c·652d·626f·7264·6572·6564··d·table-bordered
0003ecd0:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed		0003e8f0:·2074·6162·6c65·2d63·6f6e·6465·6e73·6564···table-condensed
0003ece0:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple		0003e900:·223e·3c74·723e·3c74·683e·436f·6d70·6c65··"><tr><th>Comple
0003ecf0:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo		0003e910:·7869·7479·3a3c·2f74·683e·3c74·643e·6c6f··xity:</th><td>lo
0003ed00:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><		0003e920:·773c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··w</td></tr><tr><
0003ed10:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</		0003e930:·7468·3e44·6973·7275·7074·696f·6e3a·3c2f··th>Disruption:</
0003ed20:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><		0003e940:·7468·3e3c·7464·3e6c·6f77·3c2f·7464·3e3c··th><td>low</td><
0003ed30:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo		0003e950:·2f74·723e·3c74·723e·3c74·683e·5265·626f··/tr><tr><th>Rebo
0003ed40:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals		0003e960:·6f74·3a3c·2f74·683e·3c74·643e·6661·6c73··ot:</th><td>fals
0003ed50:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><		0003e970:·653c·2f74·643e·3c2f·7472·3e3c·7472·3e3c··e</td></tr><tr><
0003ed60:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th		0003e980:·7468·3e53·7472·6174·6567·793a·3c2f·7468··th>Strategy:</th
0003ed70:·3e3c·7464·3e72·6573·7472·6963·743c·2f74··><td>restrict</t		0003e990:·3e3c·7464·3e72·6573·7472·6963·743c·2f74··><td>restrict</t
0003ed80:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><		0003e9a0:·643e·3c2f·7472·3e3c·2f74·6162·6c65·3e3c··d></tr></table><
0003ed90:·7072·653e·3c63·6f64·653e·2d20·6e61·6d65··pre><code>-·name		0003e9b0:·7072·653e·3c63·6f64·653e·2d20·6e61·6d65··pre><code>-·name
0003eda0:·3a20·4669·6e64·202f·6574·632f·7375·646f··:·Find·/etc/sudo		0003e9c0:·3a20·4669·6e64·202f·6574·632f·7375·646f··:·Find·/etc/sudo
0003edb0:·6572·732e·642f·2066·696c·6573·0a20·2061··ers.d/·files.··a		0003e9d0:·6572·732e·642f·2066·696c·6573·0a20·2061··ers.d/·files.··a
0003edc0:·6e73·6962·6c65·2e62·7569·6c74·696e·2e66··nsible.builtin.f		0003e9e0:·6e73·6962·6c65·2e62·7569·6c74·696e·2e66··nsible.builtin.f
0003edd0:·696e·643a·0a20·2020·2070·6174·6873·3a0a··ind:.····paths:.		0003e9f0:·696e·643a·0a20·2020·2070·6174·6873·3a0a··ind:.····paths:.
0003ede0:·2020·2020·2d20·2f65·7463·2f73·7564·6f65······-·/etc/sudoe		0003ea00:·2020·2020·2d20·2f65·7463·2f73·7564·6f65······-·/etc/sudoe
0003edf0:·7273·2e64·2f0a·2020·7265·6769·7374·6572··rs.d/.··register		0003ea10:·7273·2e64·2f0a·2020·7265·6769·7374·6572··rs.d/.··register
0003ee00:·3a20·7375·646f·6572·730a·2020·7461·6773··:·sudoers.··tags		0003ea20:·3a20·7375·646f·6572·730a·2020·7461·6773··:·sudoers.··tags
0003ee10:·3a0a·2020·2d20·4e49·5354·2d38·3030·2d35··:.··-·NIST-800-5		0003ea30:·3a0a·2020·2d20·4e49·5354·2d38·3030·2d35··:.··-·NIST-800-5
0003ee20:·332d·434d·2d36·2861·290a·2020·2d20·4e49··3-CM-6(a).··-·NI		0003ea40:·332d·434d·2d36·2861·290a·2020·2d20·4e49··3-CM-6(a).··-·NI
0003ee30:·5354·2d38·3030·2d35·332d·4941·2d31·310a··ST-800-53-IA-11.		0003ea50:·5354·2d38·3030·2d35·332d·4941·2d31·310a··ST-800-53-IA-11.
0003ee40:·2020·2d20·6c6f·775f·636f·6d70·6c65·7869····-·low_complexi		0003ea60:·2020·2d20·6c6f·775f·636f·6d70·6c65·7869····-·low_complexi
0003ee50:·7479·0a20·202d·206c·6f77·5f64·6973·7275··ty.··-·low_disru		0003ea70:·7479·0a20·202d·206c·6f77·5f64·6973·7275··ty.··-·low_disru
0003ee60:·7074·696f·6e0a·2020·2d20·6d65·6469·756d··ption.··-·medium		0003ea80:·7074·696f·6e0a·2020·2d20·6d65·6469·756d··ption.··-·medium
0003ee70:·5f73·6576·6572·6974·790a·2020·2d20·6e6f··_severity.··-·no		0003ea90:·5f73·6576·6572·6974·790a·2020·2d20·6e6f··_severity.··-·no
0003ee80:·5f72·6562·6f6f·745f·6e65·6564·6564·0a20··_reboot_needed.·		0003eaa0:·5f72·6562·6f6f·745f·6e65·6564·6564·0a20··_reboot_needed.·
0003ee90:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra		0003eab0:·202d·2072·6573·7472·6963·745f·7374·7261···-·restrict_stra
0003eea0:·7465·6779·0a20·202d·2073·7564·6f5f·7265··tegy.··-·sudo_re		0003eac0:·7465·6779·0a20·202d·2073·7564·6f5f·7265··tegy.··-·sudo_re
0003eeb0:·6d6f·7665·5f6e·6f5f·6175·7468·656e·7469··move_no_authenti		0003ead0:·6d6f·7665·5f6e·6f5f·6175·7468·656e·7469··move_no_authenti
0003eec0:·6361·7465·0a0a·2d20·6e61·6d65·3a20·5265··cate..-·name:·Re		0003eae0:·6361·7465·0a0a·2d20·6e61·6d65·3a20·5265··cate..-·name:·Re
0003eed0:·6d6f·7665·206c·696e·6573·2063·6f6e·7461··move·lines·conta		0003eaf0:·6d6f·7665·206c·696e·6573·2063·6f6e·7461··move·lines·conta
0003eee0:·696e·696e·6720·2161·7574·6865·6e74·6963··ining·!authentic		0003eb00:·696e·696e·6720·2161·7574·6865·6e74·6963··ining·!authentic
Max diff block lines reached; 933024/952950 bytes (97.91%) of diff not shown.