Description of problem: Test Name: openssh Test Result: WARNING Warning(19) Wrong permissions on directory: "/var/empty/sshd" (directory used by sshd during privilege separation in the pre-authentication phase, required permissions are 644) 1) 0644 is a very strange directory permission 2) If this is truly the case, why isn't this fixed in the openssh package? Also: Warning(22) Remote root login IS NOT EXPLICITLY DISABLED. Warning(09) Remote access IS NOT restricted with the AllowGroups nor the AllowUsers directive These are intentional in the configuration. Version-Release number of selected component (if applicable): sectool-0.6.0-1.noarch How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Per the remote root login and Allow{User,Groups}..I guess that we could move that test from the "default" security level (3), but let it enabled in the "hardening" levels - 4 and 5.