Clarify what fixes for AIDE acl and xattrs do

From the rule description is not clear what will be changed by the rule.
ComplianceAsCode · May 6, 2021 · 9678c52 · 9678c52
1 parent 713eb14
commit 9678c52
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_verify_acls/rule.yml
@@ -13,6 +13,9 @@ description: |-
     AIDE rules can be configured in multiple ways; this is merely one example that is already
     configured by default.
 
+    The remediation provided with this rule adds <tt>acl</tt> to all rule sets available in
+    <tt>/etc/aide.conf</tt>
+
 rationale: |-
     ACLs can provide permissions beyond those permitted through the file mode and must be
     verified by the file integrity tools.

diff --git a/...ide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml b/...ide/system/software/integrity/software-integrity/aide/aide_verify_ext_attributes/rule.yml
@@ -13,6 +13,9 @@ description: |-
     AIDE rules can be configured in multiple ways; this is merely one example that is already
     configured by default.
 
+    The remediation provided with this rule adds <tt>xattrs</tt> to all rule sets available in
+    <tt>/etc/aide.conf</tt>
+
 rationale: |-
     Extended attributes in file systems are used to contain arbitrary data and file metadata
     with security implications.