Guide to the Secure Configuration of Debian 10
Rules, Groups, and Values defined within the XCCDF Benchmark
-
slub_debug - debug options
Defines the debug options to use inslub_debugkernel command line argument.Value -
SELinux
SELinux is a feature of the Linux kernel which can be used to guard against misconfigured or compromised programs. SELinux enforces the idea that programs should be limited in what files they can a...Group -
SELinux policy
Type of policy in use. Possible values are:
targeted - Only targeted network daemons are protected.
strict - Full SELinux protection.
mls - Multiple levels of securityValue -
SELinux state
enforcing - SELinux security policy is enforced.
permissive - SELinux prints warnings instead of enforcing.
disabled - SELinux is fully disabled.Value -
Ensure SELinux is Not Disabled
The SELinux state should be set to <code>enforcing</code> or <code>permissive</code> at system boot time. In the file <code>/etc/selinux/config</code>, add or correct the following line to configur...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules