I - Mission Critical Public
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system library directories must have mode 0755 or less permissive.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system library files must be owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system library directories must be owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system library files must be group-owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system library directories must be group-owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have system commands set to a mode of 0755 or less permissive.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have directories that contain system commands set to a mode of 0755 or less permissive.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have system commands owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have directories that contain system commands owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have system commands group-owned by root or a system account.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000259-GPOS-00100
Group -
The Ubuntu operating system must have directories that contain system commands group-owned by root.
If the Ubuntu operating system were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that ar...Rule Medium Severity -
SRG-OS-000266-GPOS-00101
Group -
The Ubuntu operating system must enforce password complexity by requiring that at least one special character be used.
Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity or strength is a measure of the effectiveness of a password in resisting ...Rule Low Severity -
SRG-OS-000480-GPOS-00227
Group -
The Ubuntu Operating system must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed.
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the...Rule High Severity -
SRG-OS-000480-GPOS-00227
Group -
The Ubuntu Operating system must disable the x86 Ctrl-Alt-Delete key sequence.
A locally logged-on user who presses Ctrl-Alt-Delete, when at the console, can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the...Rule High Severity -
SRG-OS-000064-GPOS-00033
Group -
The Ubuntu operating system must generate audit records for the use and modification of the tallylog file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000064-GPOS-00033
Group -
The Ubuntu operating system must generate audit records for the use and modification of faillog file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000064-GPOS-00033
Group -
The Ubuntu operating system must generate audit records for the use and modification of the lastlog file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000471-GPOS-00215
Group -
The Ubuntu operating system must generate audit records for privileged activities or other system-level access.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000472-GPOS-00217
Group -
The Ubuntu operating system must generate audit records for the /var/log/wtmp file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000472-GPOS-00217
Group -
The Ubuntu operating system must generate audit records for the /var/run/utmp file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000472-GPOS-00217
Group -
The Ubuntu operating system must generate audit records for the /var/log/btmp file.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000476-GPOS-00221
Group -
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000476-GPOS-00221
Group -
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000476-GPOS-00221
Group -
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity -
SRG-OS-000476-GPOS-00221
Group -
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.
Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an in...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.