# The hardening scripts corresponding to these PDIs will not be run during
# postinstall. A PDI to be overridden must be listed on its own line.
# Example:
# GEN000540
# Please refer to the Virtual Appliance Development Guide on the wiki for a
# listing of potential PDIs you may want to override

# root login through ssh. QA needs it for automation.
# we may reenable, if we provide some alternative.
GEN001120

# allow tcpdump per CPD's request
GEN003865

# disable auditing of failed open syscall PR 659864
GEN002720

# SLES11 SP2
# Detected Vulnerabilities in The Internet Systems Consortium (ISC) version of DHCP 3.
#  2004-T-0018: IAVA 2004-T-0018 ISC DHCPD Buffer Overruns - localhost.localdom is running
#  Version  of the ISC DHCP server.  localhost.localdom must upgrade to at least
#  Version 3.0.1p14 of the ISC server to satisfy this IAVA.
2004-T-0018

# Turn off ssh AllowGroup entry until fixes in place to add
# SSO users to 'wheel' group for cloudvm product.
GEN005521

# PR 1420395: Do not disable ssh during postinstall
GEN001121
# PR 1665122 : Do not add ssl.cipher-list in /opt/vmware/etc/lighttpd/lighttpd.conf
VMW-BZ-744580

# PR 1987759: Disable setting the password expiry for the root and other users
GEN000700
GEN000740

