Skip to content

II - Mission Support Sensitive

Rules and Groups employed by this XCCDF Profile

  • The Photon operating system must enable hardlink access control protection in the kernel.

    <VulnDiscussion>By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not o...
    Rule Medium Severity
  • SRG-OS-000480-GPOS-00227

    <GroupDescription></GroupDescription>
    Group
  • The Photon operating system must restrict core dumps.

    &lt;VulnDiscussion&gt;By enabling the fs.suid_dumpable kernel parameter, core dumps are not generated for setuid or otherwise protected/tainted bin...
    Rule Medium Severity
  • SRG-OS-000363-GPOS-00150

    <GroupDescription></GroupDescription>
    Group
  • The Photon operating system must configure AIDE to detect changes to baseline configurations.

    &lt;VulnDiscussion&gt;Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules