DRAFT - ANSSI-BP-028 (high)
Rules and Groups employed by this XCCDF Profile
-
Ensure AppArmor is enabled in the bootloader configuration
Configure AppArmor to be enabled at boot time and verify that it has not been overwritten by the bootloader boot parameters. Note: This recommendation is designed around the grub bootloader, if LI...Rule Medium Severity -
Verify /boot/grub2/user.cfg Group Ownership
The file <code>/boot/grub2/user.cfg</code> should be group-owned by the <code>root</code> group to prevent reading or modification of the file. To properly set the group owner of <code>/boot/grub2...Rule Medium Severity -
Verify /boot/efi/EFI/redhat/user.cfg Group Ownership
The file <code>/boot/efi/EFI/redhat/user.cfg</code> should be group-owned by the <code>root</code> group to prevent reading or modification of the file. To properly set the group owner of <code>/b...Rule Medium Severity -
Verify Group Who Owns /etc/ipsec.d Directory
To properly set the group owner of/etc/ipsec.d, run the command:$ sudo chgrp root /etc/ipsec.d
Rule Medium Severity -
Verify User Who Owns /etc/ipsec.d Directory
To properly set the owner of/etc/ipsec.d, run the command:$ sudo chown root /etc/ipsec.d
Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules