Details
Configure SELinux to meet or exceed the default targeted policy, which constrains daemons and system software only.
Note: If your organization requires stricter policies, ensure that they are set in the /etc/selinux/config file.
Rationale:
Security configuration requirements vary from site to site. Some sites may mandate a policy that is stricter than the default policy, which is perfectly acceptable. This item is intended to ensure that at least the default recommendations are met.
Solution
Edit the /etc/selinux/config file to set the SELINUXTYPE parameter:
SELINUXTYPE=targeted
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control, Media Protection.This control applies to the following type of system Unix.