Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • kerberos_enabled SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • polyinstantiation_enabled SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • secure_mode_insmod SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • selinuxuser_execheap SELinux Boolean

    default - Default SELinux boolean setting.
    on - SELinux boolean is enabled.
    off - SELinux boolean is disabled.
    Value
    Show

  • Configure the deny_execmem SELinux Boolean

    By default, the SELinux boolean <code>deny_execmem</code> is disabled. This setting should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproj...
    Rule Medium Severity
    Show

  • Enable the kerberos_enabled SELinux Boolean

    By default, the SELinux boolean <code>kerberos_enabled</code> is enabled. If this setting is disabled, it should be enabled to allow confined appli...
    Rule Medium Severity
    Show

  • Configure the polyinstantiation_enabled SELinux Boolean

    By default, the SELinux boolean <code>polyinstantiation_enabled</code> is disabled. This setting should be configured to <xccdf-1.2:sub idref="xccd...
    Rule Medium Severity
    Show

  • Disable the selinuxuser_execheap SELinux Boolean

    By default, the SELinux boolean <code>selinuxuser_execheap</code> is disabled. When enabled this boolean is enabled it allows selinuxusers to execu...
    Rule Medium Severity
    Show

  • Enable the selinuxuser_execmod SELinux Boolean

    By default, the SELinux boolean <code>selinuxuser_execmod</code> is enabled. If this setting is disabled, it should be enabled. To enable the <cod...
    Rule Medium Severity
    Show

  • Disable the selinuxuser_execstack SELinux Boolean

    By default, the SELinux boolean <code>selinuxuser_execstack</code> is enabled. This setting should be disabled as unconfined executables should not...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules