Guide to the Secure Configuration of Oracle Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Disable the selinuxuser_execheap SELinux Boolean
By default, the SELinux boolean <code>selinuxuser_execheap</code> is disabled. When enabled this boolean is enabled it allows selinuxusers to execute code from the heap. If this setting is enabled,...Rule Medium Severity -
Enable the selinuxuser_execmod SELinux Boolean
By default, the SELinux boolean <code>selinuxuser_execmod</code> is enabled. If this setting is disabled, it should be enabled. To enable the <code>selinuxuser_execmod</code> SELinux boolean, run ...Rule Medium Severity -
Disable the selinuxuser_execstack SELinux Boolean
By default, the SELinux boolean <code>selinuxuser_execstack</code> is enabled. This setting should be disabled as unconfined executables should not be able to make their stack executable. To disab...Rule Medium Severity -
Disable the selinuxuser_mysql_connect_enabled SELinux Boolean
By default, the SELinux boolean <code>selinuxuser_mysql_connect_enabled</code> is disabled. If this setting is enabled, it should be disabled. To disable the <code>selinuxuser_mysql_connect_enable...Rule Medium Severity -
Enable the selinuxuser_ping SELinux Boolean
By default, the SELinux boolean <code>selinuxuser_ping</code> is enabled. If this setting is disabled, it should be enabled as it allows confined users to use ping and traceroute which is helpful f...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules