Red Hat Enterprise Linux 8 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The debug-shell systemd service must be disabled on RHEL 8.
<VulnDiscussion>The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. Wh...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Trivial File Transfer Protocol (TFTP) server package must not be installed if not required for RHEL 8 operational support.
<VulnDiscussion>If TFTP is required for operational support (such as the transmission of router configurations) its use must be documented wi...Rule High Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The root account must be the only account having unrestricted access to the RHEL 8 system.
<VulnDiscussion>If an account other than root also has a User Identifier (UID) of "0", it has root authority, giving that account unrestricte...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules