Skip to content

Standard System Security Profile for Fedora

Rules and Groups employed by this XCCDF Profile

  • Set Password Expiration Parameters

    The file <code>/etc/login.defs</code> controls several password-related settings. Programs such as <code>passwd</code>, <code>su</code>, and <code>...
    Group
  • Set Password Maximum Age

    To specify password maximum age for new accounts, edit the file <code>/etc/login.defs</code> and add or correct the following line: <pre>PASS_MAX_D...
    Rule Medium Severity
  • Set Password Minimum Age

    To specify password minimum age for new accounts, edit the file <code>/etc/login.defs</code> and add or correct the following line: <pre>PASS_MIN_D...
    Rule Medium Severity
  • Set Password Warning Age

    To specify how many days prior to password expiration that a warning will be issued to users, edit the file <code>/etc/login.defs</code> and add or...
    Rule Medium Severity
  • Verify Proper Storage and Existence of Password Hashes

    By default, password hashes for local accounts are stored in the second field (colon-separated) in <code>/etc/shadow</code>. This file should be re...
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules