DRAFT - ANSSI-BP-028 (intermediary)
Rules and Groups employed by this XCCDF Profile
-
Verify Permissions on Important Files and Directories
Permissions for many files on a system must be set restrictively to ensure sensitive information is properly protected. This section discusses important permission restrictions which can be verifie...Group -
Ensure All World-Writable Directories Are Owned by root User
All directories in local partitions which are world-writable should be owned by root. If any world-writable directories are not owned by root, this should be investigated. Following this, the files...Rule Medium Severity -
Verify that All World-Writable Directories Have Sticky Bits Set
When the so-called 'sticky bit' is set on a directory, only the owner of a given file may remove that file from the directory. Without the sticky bit, any user with write access to a directory may ...Rule Medium Severity -
Verify that system commands directories have root as a group owner
System commands are stored in the following directories: by default: <pre>/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin </pre> All these directories should have <code>root</code...Rule Medium Severity -
Verify that system commands directories have root ownership
System commands are stored in the following directories by default: <pre>/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin </pre> All these directories should be owned by the <code>...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules