From 36be258cd3175f4239fa0f716119f82fb2b2d033 Mon Sep 17 00:00:00 2001
From: Bob Gendler <robert.gendler@nist.gov>
Date: Sun, 1 Sep 2024 21:35:38 -0400
Subject: [PATCH] refactor[rules]Added 15.x specific rules 171r3

Added 171r3 references to new rule files
---
 rules/os/os_genmoji_disable.yaml          | 9 ++++++++-
 rules/os/os_image_generation_disable.yaml | 6 +++++-
 rules/os/os_sudo_log_enforce.yaml         | 6 ++++--
 rules/os/os_writing_tools_disable.yaml    | 9 ++++++++-
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/rules/os/os_genmoji_disable.yaml b/rules/os/os_genmoji_disable.yaml
index a9de8e02..fbdac8cb 100644
--- a/rules/os/os_genmoji_disable.yaml
+++ b/rules/os/os_genmoji_disable.yaml
@@ -17,7 +17,14 @@ references:
   cci:
     - N/A
   800-53r5:
-    - N/A
+    - AC-20
+    - AC-20(1)
+    - CM-7
+    - CM-7(1)
+    - SC-7(10)
+  800-171r3:
+    - 03.01.20
+    - 03.04.06
 macOS:
   - '15.0'
 tags:
diff --git a/rules/os/os_image_generation_disable.yaml b/rules/os/os_image_generation_disable.yaml
index 7069225f..2354ffe6 100644
--- a/rules/os/os_image_generation_disable.yaml
+++ b/rules/os/os_image_generation_disable.yaml
@@ -17,7 +17,11 @@ references:
   cci:
     - N/A
   800-53r5:
-    - N/A
+    - AC-20
+    - AC-20(1)
+    - CM-7
+    - CM-7(1)
+    - SC-7(10)
 macOS:
   - '15.0'
 tags:
diff --git a/rules/os/os_sudo_log_enforce.yaml b/rules/os/os_sudo_log_enforce.yaml
index 842460c6..1b119bcf 100644
--- a/rules/os/os_sudo_log_enforce.yaml
+++ b/rules/os/os_sudo_log_enforce.yaml
@@ -18,9 +18,11 @@ references:
   cci:
     - N/A
   800-53r5:
-    - N/A
+    - AC-6(9)
   800-53r4:
     - N/A
+  800-171r3:
+    - 03.01.07
   srg:
     - N/A
   disa_stig:
@@ -40,7 +42,7 @@ tags:
   - cis_lvl2
   - cisv8
   - stig
-  - sudo
+  - 800-171
 severity: medium
 mobileconfig: false
 mobileconfig_info:
diff --git a/rules/os/os_writing_tools_disable.yaml b/rules/os/os_writing_tools_disable.yaml
index 99de1373..acfb63f8 100644
--- a/rules/os/os_writing_tools_disable.yaml
+++ b/rules/os/os_writing_tools_disable.yaml
@@ -17,7 +17,14 @@ references:
   cci:
     - N/A
   800-53r5:
-    - N/A
+    - AC-20
+    - AC-20(1)
+    - CM-7
+    - CM-7(1)
+    - SC-7(10)
+  800-171r3:
+    - 03.01.20
+    - 03.04.06    
 macOS:
   - '15.0'
 tags: