Guide to the Secure Configuration of Debian 10
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Verify Permissions on Important Files and Directories Are Configured in /etc/permissions.local
Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses the ...Group -
Restrict Programs from Dangerous Execution Patterns
The recommendations in this section are designed to ensure that the system's features to protect against potentially dangerous program execution ar...Group -
kernel.unprivileged_bpf_disabled
Prevent unprivileged processes from using the bpf() syscall.Value -
Disable the uvcvideo module
If the device contains a camera it should be covered or disabled when not in use.Rule Medium Severity -
Kernel panic on oops
To set the runtime status of the <code>kernel.panic_on_oops</code> kernel parameter, run the following command: <pre>$ sudo sysctl -w kernel.panic_...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules