Skip to content

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • RHEL 9 must disable access to network bpf system call from nonprivileged processes.

    <VulnDiscussion>Loading and accessing the packet filters programs and maps using the bpf() system call has the potential of revealing sensiti...
    Rule Medium Severity
  • SRG-OS-000132-GPOS-00067

    <GroupDescription></GroupDescription>
    Group
  • RHEL 9 must restrict usage of ptrace to descendant processes.

    &lt;VulnDiscussion&gt;Unrestricted usage of ptrace allows compromised binaries to run ptrace on other processes of the user. Like this, the attacke...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • RHEL 9 must disable core dump backtraces.

    &lt;VulnDiscussion&gt;A core dump includes a memory image taken at the time the operating system terminates an application. The memory image could ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules