Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure sudo Ignores Commands In Current Dir - sudo ignore_dot
The sudo <code>ignore_dot</code> tag, when specified, will ignore the current directory in the PATH environment variable. On Red Hat Enterprise Lin...Rule Medium Severity -
Ensure Privileged Escalated Commands Cannot Execute Other Commands - sudo NOEXEC
The sudo <code>NOEXEC</code> tag, when specified, prevents user executed commands from executing other commands, like a shell for example. This sho...Rule High Severity -
Ensure sudo passwd_timeout is appropriate - sudo passwd_timeout
The sudo <code>passwd_timeout</code> tag sets the amount of time sudo password prompt waits. On Red Hat Enterprise Linux 7, the default <code>passw...Rule Medium Severity -
Ensure sudo umask is appropriate - sudo umask
The sudo <code>umask</code> tag, when specified, will be added the to the user's umask in the command environment. On Red Hat Enterprise Linux 7, t...Rule Medium Severity -
Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty
The sudo <code>use_pty</code> tag, when specified, will only execute sudo commands from users logged in to a real tty. This should be enabled by ma...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules