# HG changeset patch # User jfp <jf.pieronne@laposte.net> # Date 1674640826 -3600 # Wed Jan 25 11:00:26 2023 +0100 # Node ID 5cbf37fbfc7ce91352c86d66a3a6b24ec0038028 # Parent 24e85e972d75ab092fcdd5075fac19f8c32fc13d Update rule0101 diff --git a/secrules/rules01.py b/secrules/rules01.py --- a/secrules/rules01.py +++ b/secrules/rules01.py @@ -14,10 +14,10 @@ @level_rule(1) def rule0101(fo, ftm): """Improper system-level account access restrictions - - The following system-level accounts do not have account restrictions defined. - Improper configuration of access restrictions could result in the compromise of - the operating system environment, and compromise the confidentiality of customer data""" + + Any accounts determined as system-level accounts (group value less than + or equal to the SYSGEN parameter MAXSYSGROUP) that do not have account + access denied for dialup and remote access will be listed""" maxsysgroup = lib.getsyi(syidef.SYI__MAXSYSGROUP)[1] all_users = user.all_users() @@ -27,7 +27,8 @@ print('=========', file=fo) for u in list(all_users.values()): if (u.uic_group <= maxsysgroup) and ( - u.dialup_access_p != '\xff\xff\xff' + u.dialup_access_p != b'\xff\xff\xff' + or u.remote_access_p != b'\xff\xff\xff' ): if ftm: print( @@ -129,7 +130,7 @@ @level_rule(3) def rule0105(fo, ftm): """Improperly granted system-level account privilege classes - + Improperly granted privilege classes can grant unintended privileges and accesses to users. This could result in the compromise of the operating system environment, and compromise @@ -195,7 +196,7 @@ @level_rule(3) def rule0106(fo, ftm): """Invalid home directory device - + These accounts may no longer be valid or useful, and may represent a security exposure to the system.""" @@ -218,7 +219,7 @@ @level_rule(3) def rule0107(fo, ftm): """Home directory device not ready - + The device may not be online, mounted or available. Security checks cannot be completed.""" 
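Review bot: The new condition in rule0101 (hunk `@@ -27,7 +27,8 @@`) tests only the primary-day masks `dialup_access_p` and `remote_access_p`, so an account in a system group that is fully denied on primary days but still allowed on secondary days would pass the rule unlisted. The rewritten docstring in the first hunk promises accounts without "access denied for dialup and remote access", which reads as covering both day types. If the user object also exposes the secondary-day masks (presumably `dialup_access_s` and `remote_access_s`, mirroring the UAI$_DIALUP_ACCESS_S and UAI$_REMOTE_ACCESS_S items; confirm against the `user` module), add `or u.dialup_access_s != b'\xff\xff\xff'` and `or u.remote_access_s != b'\xff\xff\xff'` to the test, or state in the docstring that only primary days are checked. The repeated literal would also read better as one named constant with a comment such as `# all 24 hour bits set: access denied for every hour`. The body of rule0101 starts and ends outside this hunk, so the report output was not reviewed.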
@@ -241,7 +242,7 @@ @level_rule(2) def rule0108(fo, ftm): """System accounts with non-existing home directories - + Improper home directory configuration can interfere with the proper functioning of accounts. The accounts listed do not have home directories. This is not consistent with the system @@ -264,7 +265,7 @@ @level_rule(3) def rule0109(fo, ftm): """Non-conforming standard accounts - + Improper account ownership can prevent proper identification of assigned privileges, result in auditing difficulties, and can jeopardize overall system security.""" @@ -360,7 +361,7 @@ @level_rule(3) def rule0110(fo, ftm): """Improperly defined SYSGEN parameters associated with accounts - + Improper configuration of account related SYSGEN parameters could result in the compromise of the operating system environment, and compromise the confidentiality of customer data."""