Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Oracle Linux 7

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Ensure there are no legacy + NIS entries in /etc/group

    The <code>+</code> character in <code>/etc/group</code> file marks a place where entries from a network information service (NIS) should be directl...
    Rule Medium Severity
    Show

  • Restrict Virtual Console Root Logins

    To restrict root logins through the (deprecated) virtual console devices, ensure lines of this form do not appear in <code>/etc/securetty</code>: <...
    Rule Medium Severity
    Show

  • Action for auditd to take when disk errors

    'The setting for disk_error_action in /etc/audit/auditd.conf, if multiple values are allowed write them separated by pipes as in "syslog|single|hal...
    Value
    Show

  • Restrict Root Logins

    Direct root logins should be allowed only for emergency use. In normal situations, the administrator should access the system via a unique unprivil...
    Group
    Show

  • Group Name Used by pam_wheel Group Parameter

    pam_wheel module has a parameter called group, which controls which groups can access the su command. This variable holds the valid value for the p...
    Value
    Show

  • Verify Only Root Has UID 0

    If any account other than root has a UID of 0, this misconfiguration should be investigated and the accounts other than root should be removed or h...
    Rule High Severity
    Show

  • Verify Root Has A Primary GID 0

    The root user should have a primary group of 0.
    Rule High Severity
    Show

  • Direct root Logins Not Allowed

    To further limit access to the <code>root</code> account, administrators can disable root logins at the console by editing the <code>/etc/securetty...
    Rule Medium Severity
    Show

  • Ensure that System Accounts Are Locked

    Some accounts are not associated with a human user of the system, and exist to perform some administrative functions. An attacker should not be abl...
    Rule Medium Severity
    Show

  • Restrict Web Browser Use for Administrative Accounts

    Enforce policy requiring administrative accounts use web browsers only for local service administration.
    Rule Unknown Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules