Guide to the Secure Configuration of OpenEmbedded
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo requiretty
The sudo <code>requiretty</code> tag, when specified, will only execute sudo commands from users logged in to a real tty. This should be enabled by...Rule Medium Severity -
Ensure Only Users Logged In To Real tty Can Execute Sudo - sudo use_pty
The sudo <code>use_pty</code> tag, when specified, will only execute sudo commands from users logged in to a real tty. This should be enabled by ma...Rule Medium Severity -
Ensure Sudo Logfile Exists - sudo logfile
A custom log sudo file can be configured with the 'logfile' tag. This rule configures a sudo custom logfile at the default location suggested by CI...Rule Low Severity -
Don't define allowed commands in sudoers by means of exclusion
Policies applied by sudo through the sudoers file should not involve negation. Each user specification in the <code>sudoers</code> file contains a...Rule Medium Severity -
Don't target root user in the sudoers file
The targeted users of a user specification should be, as much as possible, non privileged users (i.e.: non-root). User specifications have to expl...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules