Skip to content
Log In

CloudLinux AlmaLinux OS 9 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000368-GPOS-00154

    Group
    Show

  • SRG-OS-000368-GPOS-00154

    Group
    Show

  • SRG-OS-000370-GPOS-00155

    Group
    Show

  • SRG-OS-000370-GPOS-00155

    Group
    Show

  • AlmaLinux OS 9 fapolicy module must be installed.

    The organization must identify authorized software programs and permit execution of authorized software. The process used to identify software programs that are authorized to execute on organizatio...
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must disable remote management of the chrony daemon.

    Not exposing the management interface of the chrony daemon on the network reduces the attack surface.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must not have the iprutils package installed.

    The iprutils package provides a suite of utilities to manage and configure SCSI devices supported by the ipr SCSI storage device driver.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must not have the sendmail package installed.

    The sendmail software was not developed with security in mind, and its design prevents it from being effectively contained by SELinux. Postfix must be used instead.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must not have a Trivial File Transfer Protocol (TFTP) client package installed.

    If TFTP is required for operational support (such as transmission of router configurations), its use must be documented with the information systems security manager (ISSM), restricted to only auth...
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must not have the cups package installed.

    The cups package provides printer drivers as well as a print server, webserver, and discovery mechanisms. Removing the package reduces the potential attack surface.
    Rule Medium Severity
    Show

  • SRG-OS-000095-GPOS-00049

    Group
    Show

  • AlmaLinux OS 9 must not have the gssproxy package installed.

    The gssproxy package is a proxy for GSS API credential handling and could expose secrets on some networks. It is not needed for normal function of the OS.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules