Skip to content
Log In

Guide to the Secure Configuration of OpenEmbedded

Rules, Groups, and Values defined within the XCCDF Benchmark

  • System Audit Logs Must Have Mode 0750 or Less Permissive

    If <code>log_group</code> in <code>/etc/audit/auditd.conf</code> is set to a group other than the <code>root</code> group account, change the mode of the audit log files with the following command...
    Rule Medium Severity
    Show

  • Disable vsftpd if Possible

    To minimize attack surface, disable vsftpd if at all possible.
    Group
    Show

  • Records Events that Modify Date and Time Information

    Arbitrary changes to the system time can be used to obfuscate nefarious activities in log files, as well as to confuse network services that are highly dependent upon an accurate system time. All c...
    Group
    Show

  • Configure vsftpd to Provide FTP Service if Necessary

    The primary vsftpd configuration file is /etc/vsftpd.conf, if that file exists, or /etc/vsftpd/vsftpd.conf if it does not.
    Group
    Show

  • Force kernel panic on uncorrected MCEs

    A Machine Check Exception is an error generated by the CPU itdetects an error in itself, memory or I/O devices. These errors may be corrected and generate a check log entry, if an error cannot be c...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules