Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Configure AIDE to Use FIPS 140-2 for Validating Hashes

    By default, the <code>sha512</code> option is added to the <code>NORMAL</code> ruleset in AIDE. If using a custom ruleset or the <code>sha512</code> option is missing, add <code>sha512</code> to th...
    Rule Medium Severity
  • Configure AIDE to Verify Access Control Lists (ACLs)

    By default, the <code>acl</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>acl</code> option is missing, add <code>acl</code> to the appropri...
    Rule Low Severity
  • Configure AIDE to Verify Extended Attributes

    By default, the <code>xattrs</code> option is added to the <code>FIPSR</code> ruleset in AIDE. If using a custom ruleset or the <code>xattrs</code> option is missing, add <code>xattrs</code> to the...
    Rule Low Severity
  • Audit Tools Must Be Group-owned by Root

    Red Hat Enterprise Linux 10 systems providing tools to interface with audit information will leverage user permissions and roles identifying the user accessing the tools, and the corresponding righ...
    Rule Medium Severity
  • Ensure /var/log Located On Separate Partition

    System logs are stored in the /var/log directory. Ensure that /var/log has its own partition or logical volume at installation time, or migrate it using LVM.
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules