An XCCDF Group - A logical subset of the XCCDF Benchmark
/etc/fstab
nosuid
/boot/efi
noauto
/boot
nodev
/dev
noexec
/dev/shm
grpquota
/home
usrquota
/opt
hidepid
/proc
/proc/[pid]
0: Everybody may access all /proc/[pid] directories. 1: Users may not access files and subdirectories inside any /proc/[pid] directories but their own. The /proc/[pid] directories themselves remain visible. 2: Same as for mode 1, but in addition the /proc/[pid] directories belonging to other users become invisible.
hidepid=2
/srv
/tmp
/var/log/audit
/var/log
/var
/var/tmp
/tmp /var/tmp none rw,nodev,noexec,nosuid,bind 0 0
mount(8)