Guide to the Secure Configuration of Ubuntu 16.04
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Disable storing core dump
The <code>Storage</code> option in <code>[Coredump]</code> sectionof <code>/etc/systemd/coredump.conf</code> can be set to <code>none</code> to dis...Rule Medium Severity -
Disable Core Dumps for SUID programs
To set the runtime status of the <code>fs.suid_dumpable</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w fs.suid_dumpable=...Rule Medium Severity -
Enable ExecShield
ExecShield describes kernel features that provide protection against exploitation of memory corruption errors such as buffer overflows. These featu...Group -
kernel.kptr_restrict
Configure exposition of kernel pointer addressesValue -
Restrict Exposed Kernel Pointer Addresses Access
To set the runtime status of the <code>kernel.kptr_restrict</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w kernel.kptr_r...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules