Verify that local System.map file (if exists) is readable only by root

An XCCDF Rule

Description

Files containing sensitive information should be protected by restrictive permissions. Most of the time, there is no need for these files to be read by any non-root user. To properly set the permissions of /boot/System.map-*, run the command:

$ sudo chmod 0600 /boot/System.map-*
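
To audit the setting rather than just apply it, the following added example (not part of the rule content) reports every System.map-* file whose mode has any bit set outside 0600. The function name `check_systemmap_perms`, its arguments, and the ownership check are assumptions of this example; the ownership check is included because 0600 grants read access to whoever owns the file.

```shell
#!/bin/sh
# Added example, not part of the rule content: audit System.map-* files.
# Usage: check_systemmap_perms [DIR] [OWNER]   (defaults: /boot, root)
# Prints one line per finding; returns 0 if compliant, 1 otherwise.
# Requires GNU stat (coreutils), as found on Linux systems.
check_systemmap_perms() {
    dir="${1:-/boot}"
    want_owner="${2:-root}"
    rc=0
    for f in "$dir"/System.map-*; do
        # The rule applies only if the file exists; an unmatched glob stays literal.
        [ -e "$f" ] || continue
        # -L follows symlinks, matching what chmod would act on.
        mode=$(stat -L -c '%a' "$f") || { rc=1; continue; }
        owner=$(stat -L -c '%U' "$f")
        # Any bit outside 0600 (execute, group, other, setuid/setgid/sticky)
        # is a finding; modes stricter than 0600, such as 0400, pass.
        if [ $(( 0$mode & 07177 )) -ne 0 ]; then
            echo "FAIL mode $mode (want 0600 or stricter): $f"
            rc=1
        fi
        # Assumption of this example: "readable only by root" also
        # requires that the owner is root (or the OWNER given).
        if [ "$owner" != "$want_owner" ]; then
            echo "FAIL owner $owner (want $want_owner): $f"
            rc=1
        fi
    done
    return "$rc"
}
```

Source the file and call `check_systemmap_perms` with no arguments to check /boot; a non-zero return means at least one finding was printed.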

Rationale

The System.map file contains information about kernel symbols and can provide hints useful for local exploitation.

ID
xccdf_org.ssgproject.content_rule_file_permissions_systemmap
Severity
Unknown