From d0dc06a9108ed18197e22dd9e51253e21ed844d6 Mon Sep 17 00:00:00 2001 From: Thomas H Jones II Date: Tue, 9 May 2023 06:29:44 -0400 Subject: [PATCH] Fix comment-text to reflect broader (mis)specification --- docs/findings/el8.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/findings/el8.md b/docs/findings/el8.md index 78ab805c7..f0f1896fa 100644 --- a/docs/findings/el8.md +++ b/docs/findings/el8.md @@ -262,8 +262,8 @@ If using a vendor-supported Linux and this scan finding occurs, it's likely that **Expected Finding:** -Finding is specific to Oracle Linux 8 STIG profile. Per the STIG notes: +Per the STIG notes: > Automatic remediation of this control is not available due to the unique requirements of each system. -While automation _could_ be authored that would leverage a site- or host-specific allowed-users list to disable or delete forbidden accounts, there exists an extremely-high likelihood that scanners used against such configuration-controlled operating environments would not contain the scanning logic necessary to validate compliance. As such and with or without user-controlling automation-content, STIG scanners would still flag systems that are technically compliant. +While-automation _could_ be authored that would leverage a site- or host-specific allowed-users list to disable or delete forbidden accounts, there exists an extremely-high likelihood that scanners used against such configuration-controlled operating environments would not contain the scanning logic necessary to validate compliance. As such – and with or without user-controlling automation-content – STIG scanners would still flag systems that are technically compliant.