Merge pull request #10334 from vojtapolasek/anssi_20_upstream

Update ANSSI BP-028 to version 2.0

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_password_auth/rule.yml

@@ -42,7 +42,6 @@ identifiers:
     cce@rhel9: CCE-86354-8
 
 references:
-    anssi: BP28(R18)
     cis-csc: 1,12,15,16,5
     cis@alinux2: 5.3.3
     cis@alinux3: 5.5.3

linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/accounts_password_pam_pwhistory_remember_system_auth/rule.yml

@@ -42,7 +42,6 @@ identifiers:
     cce@rhel9: CCE-89176-2
 
 references:
-    anssi: BP28(R18)
     cis-csc: 1,12,15,16,5
     cis@alinux2: 5.3.3
     cis@alinux3: 5.5.3

linux_os/guide/system/accounts/enable_authselect/rule.yml

@@ -23,7 +23,7 @@ identifiers:
     cce@rhel9: CCE-89732-2
 
 references:
-    anssi: BP28(R5)
+    anssi: BP28(R31)
     cis@rhel8: 1.2.3
     cis@rhel9: 5.4.1
     disa: CCI-000213

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chmod/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85693-0
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_chown/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85690-6
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmod/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85694-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchmodat/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85695-5
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchown/rule.yml

@@ -38,6 +38,7 @@ identifiers:
     cce@sle15: CCE-85721-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fchownat/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85692-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fremovexattr/rule.yml

@@ -52,6 +52,7 @@ identifiers:
     cce@sle15: CCE-85686-4
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_fsetxattr/rule.yml

@@ -47,6 +47,7 @@ identifiers:
     cce@sle15: CCE-85688-0
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lchown/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85691-4
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lremovexattr/rule.yml

@@ -52,6 +52,7 @@ identifiers:
     cce@sle15: CCE-85685-6
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_lsetxattr/rule.yml

@@ -47,6 +47,7 @@ identifiers:
     cce@sle15: CCE-85689-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_removexattr/rule.yml

@@ -51,6 +51,7 @@ identifiers:
     cce@sle15: CCE-85684-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_setxattr/rule.yml

@@ -47,6 +47,7 @@ identifiers:
     cce@sle15: CCE-85687-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.10
     cis@rhel7: 4.1.9

linux_os/guide/system/auditing/auditd_configure_rules/audit_dac_actions/audit_rules_dac_modification_umount2/rule.yml

@@ -27,11 +27,14 @@ rationale: |-
 severity: medium
 
 identifiers:
+    cce@rhel7: CCE-90777-4
+    cce@rhel8: CCE-90776-6
     cce@rhel9: CCE-88570-7
     cce@sle12: CCE-83219-6
     cce@sle15: CCE-91250-1
 
 references:
+    anssi: BP28(R73)
     disa: CCI-000130,CCI-000169,CCI-000172,CCI-002884
     nist@sle12: AU-3,AU-3.1,AU-12.1(ii),AU-12(a),AU-12.1(iv),AU-12(c),MA-4(1)(a)
     srg: SRG-OS-000037-GPOS-00015,SRG-OS-000062-GPOS-00031,SRG-OS-000392-GPOS-00172,SRG-OS-000462-GPOS-00206,SRG-OS-000471-GPOS-00215

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rename/rule.yml

@@ -32,6 +32,7 @@ identifiers:
     cce@sle15: CCE-85768-0
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.14
     cis@alinux3: 4.1.3.13

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_renameat/rule.yml

@@ -32,6 +32,7 @@ identifiers:
     cce@sle15: CCE-85769-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.14
     cis@rhel7: 4.1.13

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_rmdir/rule.yml

@@ -32,6 +32,7 @@ identifiers:
     cce@sle15: CCE-85770-6
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@rhel7: 4.1.14
     cis@rhel8: 4.1.14

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlink/rule.yml

@@ -32,6 +32,7 @@ identifiers:
     cce@sle15: CCE-85771-4
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.14
     cis@rhel7: 4.1.13

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_deletion_events/audit_rules_file_deletion_events_unlinkat/rule.yml

@@ -32,6 +32,7 @@ identifiers:
     cce@sle15: CCE-85772-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.14
     cis@rhel7: 4.1.13

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_creat/rule.yml

@@ -41,6 +41,7 @@ identifiers:
     cce@sle15: CCE-85681-5
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.11
     cis@rhel7: 4.1.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_ftruncate/rule.yml

@@ -44,6 +44,7 @@ identifiers:
     cce@sle15: CCE-85696-3
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.11
     cis@rhel7: 4.1.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_open/rule.yml

@@ -44,6 +44,7 @@ identifiers:
     cce@sle15: CCE-85680-7
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.11
     cis@rhel7: 4.1.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_openat/rule.yml

@@ -44,6 +44,7 @@ identifiers:
     cce@sle15: CCE-85682-3
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.11
     cis@rhel7: 4.1.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_file_modification/audit_rules_unsuccessful_file_modification_truncate/rule.yml

@@ -44,6 +44,7 @@ identifiers:
     cce@sle15: CCE-85608-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.11
     cis@rhel7: 4.1.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85748-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.17
     cis@alinux3: 4.1.3.26

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml

@@ -39,6 +39,7 @@ identifiers:
     cce@sle15: CCE-85749-0
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.17
     cis@rhel7: 4.1.17

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85750-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.17
     cis@rhel7: 4.1.16

linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_faillock/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-91449-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.8
     cis@alinux3: 4.1.3.12

linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_lastlog/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-85598-1
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.8
     cis@alinux3: 4.1.3.12

linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands/rule.yml

@@ -48,6 +48,7 @@ identifiers:
     cce@sle15: CCE-91251-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@rhel7: 4.1.11
     cis@rhel8: 4.1.3.6

linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_insmod/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-85744-1
 
 references:
+    anssi: BP28(R73)
     cis@alinux2: 4.1.17
     cis@rhel7: 4.1.16
     cis@rhel8: 4.1.3.19

linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_kmod/rule.yml

@@ -43,6 +43,7 @@ identifiers:
     cce@sle15: CCE-85591-6
 
 references:
+    anssi: BP28(R73)
     cis@alinux3: 4.1.3.20
     disa: CCI-000130,CCI-000135,CCI-000169,CCI-000172,CCI-002884
     nist: AU-3,AU-3.1,AU-12(a),AU-12.1(ii),AU-12.1(iv)AU-12(c),MA-4(1)(a)

linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_modprobe/rule.yml

@@ -37,6 +37,7 @@ identifiers:
     cce@sle15: CCE-85731-8
 
 references:
+    anssi: BP28(R73)
     cis@alinux2: 4.1.17
     cis@rhel7: 4.1.16
     cis@rhel8: 4.1.3.19

linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands_rmmod/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-85732-6
 
 references:
+    anssi: BP28(R73)
     cis@alinux2: 4.1.17
     cis@rhel7: 4.1.16
     cis@rhel8: 4.1.3.19

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_immutable/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-85831-6
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,3,4,5,6,7,8
     cis@alinux2: 4.1.18
     cis@alinux3: 4.1.3.28

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_mac_modification/rule.yml

@@ -29,6 +29,7 @@ identifiers:
     cce@sle15: CCE-85830-8
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.7
     cis@rhel7: 4.1.6

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_media_export/rule.yml

@@ -33,6 +33,7 @@ identifiers:
     cce@sle15: CCE-85718-5
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.13
     cis@alinux3: 4.1.3.10

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_networkconfig_modification/rule.yml

@@ -39,6 +39,7 @@ identifiers:
     cce@sle15: CCE-85828-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.6
     cis@alinux3: 4.1.3.5

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_session_events/rule.yml

@@ -35,6 +35,7 @@ identifiers:
     cce@sle15: CCE-85829-0
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.9
     cis@alinux3: 4.1.3.11

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_sysadmin_actions/rule.yml

@@ -31,6 +31,7 @@ identifiers:
     cce@sle15: CCE-85679-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.15
     cis@alinux3: 4.1.3.1

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85578-3
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.5
     cis@alinux3: 4.1.3.8

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85580-9
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.5
     cis@alinux3: 4.1.3.8

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85728-4
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.5
     cis@alinux3: 4.1.3.8

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85577-5
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.5
     cis@alinux3: 4.1.3.8

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml

@@ -36,6 +36,7 @@ identifiers:
     cce@sle15: CCE-85579-1
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,18,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.5
     cis@alinux3: 4.1.3.8

linux_os/guide/system/auditing/auditd_configure_rules/audit_time_rules/audit_rules_time_adjtimex/rule.yml

@@ -39,6 +39,7 @@ identifiers:
     cce@sle15: CCE-85814-2
 
 references:
+    anssi: BP28(R73)
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
     cis@alinux2: 4.1.4
     cis@alinux3: 4.1.3.4