|
 |
475544 |
From 713bc3b17929d0c73b7898f42fe7935806a3bfff Mon Sep 17 00:00:00 2001
|
|
|
475544 |
From: Gabe <redhatrises@gmail.com>
|
|
|
475544 |
Date: Tue, 16 Jun 2020 16:04:10 -0600
|
|
|
475544 |
Subject: [PATCH] Remove grub documentation links from RHEL7 rationale
|
|
|
475544 |
|
|
|
475544 |
---
|
|
|
475544 |
.../system/bootloader-grub2/grub2_admin_username/rule.yml | 7 -------
|
|
|
475544 |
.../guide/system/bootloader-grub2/grub2_password/rule.yml | 7 -------
|
|
|
475544 |
.../system/bootloader-grub2/grub2_uefi_password/rule.yml | 7 -------
|
|
|
475544 |
3 files changed, 21 deletions(-)
|
|
|
475544 |
|
|
|
475544 |
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_admin_username/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_admin_username/rule.yml
|
|
|
475544 |
index 2042a17806..63a6a7a83c 100644
|
|
|
475544 |
--- a/linux_os/guide/system/bootloader-grub2/grub2_admin_username/rule.yml
|
|
|
475544 |
+++ b/linux_os/guide/system/bootloader-grub2/grub2_admin_username/rule.yml
|
|
|
475544 |
@@ -24,13 +24,6 @@ description: |-
|
|
|
475544 |
|
|
|
475544 |
rationale: |-
|
|
|
475544 |
Having a non-default grub superuser username makes password-guessing attacks less effective.
|
|
|
475544 |
- {{% if product == "rhel7" %}}
|
|
|
475544 |
- For more information on how to configure the grub2 superuser account and password,
|
|
|
475544 |
- please refer to
|
|
|
475544 |
-
|
|
|
475544 |
- {{{ weblink(link="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Protecting_GRUB_2_with_a_Password.html") }}}.
|
|
|
475544 |
-
|
|
|
475544 |
- {{% endif %}}
|
|
|
475544 |
|
|
|
475544 |
severity: low
|
|
|
475544 |
|
|
|
475544 |
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
|
|
|
475544 |
index 00cec58c77..985b8727d7 100644
|
|
|
475544 |
--- a/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
|
|
|
475544 |
+++ b/linux_os/guide/system/bootloader-grub2/grub2_password/rule.yml
|
|
|
475544 |
@@ -23,13 +23,6 @@ rationale: |-
|
|
|
475544 |
users with physical access cannot trivially alter
|
|
|
475544 |
important bootloader settings. These include which kernel to use,
|
|
|
475544 |
and whether to enter single-user mode.
|
|
|
475544 |
- {{% if product == "rhel7" %}}
|
|
|
475544 |
- For more information on how to configure the grub2 superuser account and password,
|
|
|
475544 |
- please refer to
|
|
|
475544 |
-
|
|
|
475544 |
- {{{ weblink(link="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Protecting_GRUB_2_with_a_Password.html") }}}.
|
|
|
475544 |
-
|
|
|
475544 |
- {{% endif %}}
|
|
|
475544 |
|
|
|
475544 |
severity: high
|
|
|
475544 |
|
|
|
475544 |
diff --git a/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml b/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
|
|
|
475544 |
index 954d6f21d0..3ce5a2df13 100644
|
|
|
475544 |
--- a/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
|
|
|
475544 |
+++ b/linux_os/guide/system/bootloader-grub2/grub2_uefi_password/rule.yml
|
|
|
475544 |
@@ -23,13 +23,6 @@ rationale: |-
|
|
|
475544 |
users with physical access cannot trivially alter
|
|
|
475544 |
important bootloader settings. These include which kernel to use,
|
|
|
475544 |
and whether to enter single-user mode.
|
|
|
475544 |
- {{% if product == "rhel7" %}}
|
|
|
475544 |
- For more information on how to configure the grub2 superuser account and password,
|
|
|
475544 |
- please refer to
|
|
|
475544 |
-
|
|
|
475544 |
- {{{ weblink(link="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Protecting_GRUB_2_with_a_Password.html") }}}.
|
|
|
475544 |
-
|
|
|
475544 |
- {{% endif %}}
|
|
|
475544 |
|
|
|
475544 |
severity: medium
|
|
|
475544 |
|