Skip to content
Log In

SUSE Linux Enterprise Server 15 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-OS-000068-GPOS-00036

    Group
    Show

  • SRG-OS-000037-GPOS-00015

    Group
    Show

  • The SUSE operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).

    Using an authentication device, such as a Common Access Card (CAC) or token that is separate from the information system, ensures that even if the information system is compromised, that compromise...
    Rule Medium Severity
    Show

  • SRG-OS-000109-GPOS-00056

    Group
    Show

  • SRG-OS-000118-GPOS-00060

    Group
    Show

  • SRG-OS-000123-GPOS-00064

    Group
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • The SUSE operating system must display the date and time of the last successful account logon upon logon.

    Providing users with feedback on when account accesses last occurred facilitates user recognition and reporting of unauthorized account use.
    Rule Low Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • The SUSE operating system must not have unnecessary accounts.

    Accounts providing no operational purpose provide additional opportunities for system compromise. Unnecessary accounts include user accounts for individuals not requiring access to the system and a...
    Rule Medium Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • The SUSE operating system must not have unnecessary account capabilities.

    Accounts providing no operational purpose provide additional opportunities for system compromise. Therefore all necessary non interactive accounts should not have an interactive shell assigned to t...
    Rule Medium Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • The SUSE operating system root account must be the only account with unrestricted access to the system.

    If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricted access to the entire SUSE operating system. Multiple accounts with a U...
    Rule High Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • SRG-OS-000373-GPOS-00156

    Group
    Show

  • The SUSE operating system must require reauthentication when using the "sudo" command.

    Without reauthentication, users may access resources or perform tasks for which they do not have authorization. When operating systems provide the capability to escalate a functional capability, ...
    Rule Medium Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

  • The SUSE operating system must use the invoking user's password for privilege escalation when using "sudo".

    The sudoers security policy requires that users authenticate themselves before they can use sudo. When sudoers requires authentication, it validates the invoking user's credentials. If the rootpw, ...
    Rule Medium Severity
    Show

  • SRG-OS-000480-GPOS-00227

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules