I - Mission Critical Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must ensure audit events are flushed to disk at proper intervals.
<VulnDiscussion>Without setting a balance between performance and ensuring all audit events are written to disk, performance of the system ma...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must create a home directory for all new local interactive user accounts.
<VulnDiscussion>If local interactive users are not assigned a valid home directory, there is no place for the storage and control of files th...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must disable the debug-shell service.
<VulnDiscussion>The debug-shell service is intended to diagnose systemd-related boot issues with various "systemctl" commands. Once enabled a...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disallow Generic Security Service Application Program Interface (GSSAPI) authentication.
<VulnDiscussion>GSSAPI authentication is used to provide additional authentication mechanisms to applications. Allowing GSSAPI authentication...Rule Medium Severity -
SRG-OS-000480-GPOS-00227
<GroupDescription></GroupDescription>Group -
The Photon operating system must configure sshd to disable environment processing.
<VulnDiscussion>Enabling environment processing may enable users to bypass access restrictions in some configurations and must therefore be d...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.