Standard System Security Profile for Red Hat Enterprise Linux 8
Rules and Groups employed by this XCCDF Profile
-
Restrict Partition Mount Options
System partitions can be mounted with certain options that limit what files on those partitions can do. These options are set in the <code>/etc/fst...Group -
Add nodev Option to /dev/shm
The <code>nodev</code> mount option can be used to prevent creation of device files in <code>/dev/shm</code>. Legitimate character and block device...Rule Medium Severity -
Add nosuid Option to /dev/shm
The <code>nosuid</code> mount option can be used to prevent execution of setuid programs in <code>/dev/shm</code>. The SUID and SGID permissions s...Rule Medium Severity -
Services
The best protection against vulnerable software is running less software. This section describes how to review the software which Red Hat Enterpris...Group -
Base Services
This section addresses the base services that are installed on a Red Hat Enterprise Linux 8 default installation which are not covered in other sec...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules