SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SLEM 5 file systems that contain user home directories must be mounted to prevent files with the setuid and setgid bit set from being executed.
The "nosuid" mount option causes the system to not execute setuid and setgid files with owner privileges. This option must be used for mounting any file system not containing approved setuid and se...Rule Medium Severity -
SLEM 5 must have system commands set to a mode of 755 or less permissive.
If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust ch...Rule Medium Severity -
SLEM 5 library files must be owned by root.
If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust ch...Rule Medium Severity -
SLEM 5 must have system commands group-owned by root or a system account.
If SLEM 5 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust ch...Rule Medium Severity -
The sticky bit must be set on all SLEM 5 world-writable directories.
Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules