Skip to content

DRAFT - Protection Profile for General Purpose Operating Systems

Rules and Groups employed by this XCCDF Profile

  • Ensure /var/log Located On Separate Partition

    System logs are stored in the <code>/var/log</code> directory. Ensure that <code>/var/log</code> has its own partition or logical volume at instal...
    Rule Low Severity
  • Ensure /var/log/audit Located On Separate Partition

    Audit logs are stored in the <code>/var/log/audit</code> directory. Ensure that <code>/var/log/audit</code> has its own partition or logical volum...
    Rule Low Severity
  • Ensure /var/tmp Located On Separate Partition

    The <code>/var/tmp</code> directory is a world-writable directory used for temporary file storage. Ensure it has its own partition or logical volum...
    Rule Medium Severity
  • Sudo

    <code>Sudo</code>, which stands for "su 'do'", provides the ability to delegate authority to certain users, groups of users, or system administrato...
    Group
  • Install sudo Package

    The sudo package can be installed with the following command:
    $ sudo yum install sudo
    Rule Medium Severity
  • System Tooling / Utilities

    The following checks evaluate the system for recommended base packages -- both for installation and removal.
    Group
  • Ensure gnutls-utils is installed

    The gnutls-utils package can be installed with the following command:
    $ sudo yum install gnutls-utils
    Rule Medium Severity
  • Install openscap-scanner Package

    The openscap-scanner package can be installed with the following command:
    $ sudo yum install openscap-scanner
    Rule Medium Severity
  • Install scap-security-guide Package

    The scap-security-guide package can be installed with the following command:
    $ sudo yum install scap-security-guide
    Rule Medium Severity
  • Uninstall gssproxy Package

    The gssproxy package can be removed with the following command:
    $ sudo yum erase gssproxy
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules