Guide to the Secure Configuration of Red Hat Enterprise Linux CoreOS 4
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Protect Physical Console Access
It is impossible to fully protect a system from an attacker with physical access, so securing the space in which the system is located should be co...Group -
Login timeout for idle sessions
Specify duration of allowed idle time.Value -
Disable debug-shell SystemD Service
SystemD's <code>debug-shell</code> service is intended to diagnose SystemD related boot issues with various <code>systemctl</code> commands. Once e...Rule Medium Severity -
Verify that Interactive Boot is Disabled
Red Hat Enterprise Linux CoreOS 4 systems support an "interactive boot" option that can be used to prevent services from being started. On a Red Ha...Rule Medium Severity -
Ensure there are no legacy + NIS entries in /etc/group
The <code>+</code> character in <code>/etc/group</code> file marks a place where entries from a network information service (NIS) should be directl...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules